conversion to berval DN

diff --git a/servers/slapd/back-meta/add.c b/servers/slapd/back-meta/add.c
index f23c4bb15434dcc4a356aa8eed8744793e712ebb..f061f443c452431124ec82808a6bea88bc6a30d7 100644 (file)
--- a/servers/slapd/back-meta/add.c
+++ b/servers/slapd/back-meta/add.c
@@ -102,8 +102,10 @@ meta_back_add(
         * get the current connection
         */
        lc = meta_back_getconn( li, conn, op, META_OP_REQUIRE_SINGLE,
-                       e->e_ndn, &candidate );
-       if ( !lc || !meta_back_dobind( lc, op ) ) {
+                       &e->e_nname, &candidate );
+       if ( !lc || !meta_back_dobind( lc, op ) || !meta_back_is_valid( lc, candidate ) ) {
+               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+                               NULL, NULL, NULL, NULL );
                return -1;
        }
 

diff --git a/servers/slapd/back-meta/attribute.c b/servers/slapd/back-meta/attribute.c
index 8d6e64677a3df32f79d867edee36ca8c347785a0..441f0d0e84f7a9cacb8637359e6fe76a64b24f1b 100644 (file)
--- a/servers/slapd/back-meta/attribute.c
+++ b/servers/slapd/back-meta/attribute.c
@@ -89,7 +89,7 @@ meta_back_attribute(
                Connection              *conn,
                Operation               *op,
                Entry                   *target,
-               const char              *ndn,
+               struct berval           *ndn,
                AttributeDescription    *entry_at,
                struct berval           ***vals
 )
@@ -104,7 +104,7 @@ meta_back_attribute(
        LDAP *ld;
 
        *vals = NULL;
-       if ( target != NULL && strcmp( target->e_ndn, ndn ) == 0 ) {
+       if ( target != NULL && strcmp( target->e_ndn, ndn->bv_val ) == 0 ) {
                /* we already have a copy of the entry */
                /* attribute and objectclass mapping has already been done */
                attr = attr_find( target->e_attrs, entry_at );
@@ -147,15 +147,16 @@ meta_back_attribute(
                return 1;
        }
 
-       rc = ldap_bind_s( ld, li->targets[ candidate ]->binddn,
-                       li->targets[ candidate ]->bindpw, LDAP_AUTH_SIMPLE );
+       rc = ldap_bind_s( ld, li->targets[ candidate ]->binddn->bv_val,
+                       li->targets[ candidate ]->bindpw->bv_val, LDAP_AUTH_SIMPLE );
        if ( rc != LDAP_SUCCESS) {
                return 1;
        }
 
        gattr[ 0 ] = mapped;
        gattr[ 1 ] = NULL;
-       if ( ldap_search_ext_s( ld, ndn, LDAP_SCOPE_BASE, "(objectclass=*)",
+       if ( ldap_search_ext_s( ld, ndn->bv_val, LDAP_SCOPE_BASE, 
+                               "(objectclass=*)",
                                gattr, 0, NULL, NULL, LDAP_NO_LIMIT,
                                LDAP_NO_LIMIT, &result) == LDAP_SUCCESS) {
                if ( ( e = ldap_first_entry( ld, result ) ) != NULL ) {

diff --git a/servers/slapd/back-meta/back-meta.h b/servers/slapd/back-meta/back-meta.h
index 212425e546628282b58b37ce19b8bcf96da03766..0c99d1e4f5a8372b1de3cecc77406cb0827fbb04 100644 (file)
--- a/servers/slapd/back-meta/back-meta.h
+++ b/servers/slapd/back-meta/back-meta.h
@@ -89,7 +89,7 @@ struct metasingleconn {
 #define        META_CANDIDATE          1
        
        LDAP                    *ld;
-       char                    *bound_dn;
+       struct berval           *bound_dn;
        int                     bound;
 #define META_UNBOUND           0
 #define META_BOUND             1
@@ -113,12 +113,13 @@ struct metaconn {
 
 struct metatarget {
        char                    *uri;
-       char                    *suffix;/* normalized suffix */
-       char                    *binddn;
-       char                    *bindpw;
+       struct berval           *psuffix;       /* pretty suffix */
+       struct berval           *suffix;        /* normalized suffix */
+       struct berval           *binddn;
+       struct berval           *bindpw;
 
-       char                    *pseudorootdn;
-       char                    *pseudorootpw;
+       struct berval           *pseudorootdn;
+       struct berval           *pseudorootpw;
 
        struct rewrite_info     *rwinfo;
 
@@ -151,9 +152,9 @@ extern int
 meta_back_do_single_bind(
                struct metainfo         *li,
                struct metaconn         *lc,
-               const char              *dn,
-               const char              *ndn,
-               const char              *cred,
+               struct berval           *dn,
+               struct berval           *ndn,
+               struct berval           *cred,
                int                     method,
                int                     candidate
 );
@@ -168,7 +169,7 @@ meta_back_getconn(
                struct                  slap_conn *conn,
                struct                  slap_op *op,
                int                     op_type,
-               const                   char *dn,
+               struct berval           *dn,
                int                     *candidate
 );
 
@@ -178,6 +179,12 @@ meta_back_dobind(
                Operation               *op
 );
 
+extern int
+meta_back_is_valid(
+               struct metaconn         *lc, 
+               int                     candidate 
+);
+
 extern int
 meta_back_op_result(
                struct metaconn         *lc,
@@ -207,27 +214,26 @@ meta_back_conn_dup(
  */
 extern int
 meta_back_is_candidate(
-               const char              *nsuffix,
-               const char              *ndn,
-               int                     ndnlen
+               struct berval           *nsuffix,
+               struct berval           *ndn
 );
 
 extern int
 meta_back_count_candidates(
                struct metainfo         *li,
-               const char              *ndn
+               struct berval           *ndn
 );
 
 extern int
 meta_back_is_candidate_unique(
                struct metainfo         *li,
-               const char              *ndn
+               struct berval           *ndn
 );
 
 extern int
 meta_back_select_unique_candidate(
                struct metainfo         *li,
-               const char              *ndn
+               struct berval           *ndn
 );
 
 extern int
@@ -262,20 +268,20 @@ meta_dncache_dup(
 extern int
 meta_dncache_get_target(
                struct metadncache      *cache,
-               const char              *ndn
+               struct berval           *ndn
 );
 
 extern int
 meta_dncache_update_entry(
                struct metadncache      *cache,
-               const char              *ndn,
+               struct berval           *ndn,
                int                     target
 );
 
 extern int
 meta_dncache_delete_entry(
                struct metadncache      *cache,
-               const char              *ndn
+               struct berval           *ndn
 );
 
 extern void

diff --git a/servers/slapd/back-meta/bind.c b/servers/slapd/back-meta/bind.c
index 86fbf7e116250b4a93cad50f8632d92631972340..4551173ddde1dc1c4c891951df4a28fa5f238b99 100644 (file)
--- a/servers/slapd/back-meta/bind.c
+++ b/servers/slapd/back-meta/bind.c
@@ -96,9 +96,9 @@ meta_back_bind(
        int op_type = META_OP_ALLOW_MULTIPLE;
        int err = LDAP_SUCCESS;
 
-       char *realdn = (char *)dn->bv_val;
-       char *realndn = (char *)ndn->bv_val;
-       char *realcred = cred->bv_val;
+       struct berval *realdn = dn;
+       struct berval *realndn = ndn;
+       struct berval *realcred = cred;
        int realmethod = method;
 
 #ifdef NEW_LOGGING
@@ -114,7 +114,7 @@ meta_back_bind(
                ber_dupbv( edn, be_root_dn( be ) );
                op_type = META_OP_REQUIRE_ALL;
        }
-       lc = meta_back_getconn( li, conn, op, op_type, ndn->bv_val, NULL );
+       lc = meta_back_getconn( li, conn, op, op_type, ndn, NULL );
        if ( !lc ) {
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_NOTICE,
@@ -214,9 +214,9 @@ int
 meta_back_do_single_bind(
                struct metainfo         *li,
                struct metaconn         *lc,
-               const char              *dn,
-               const char              *ndn,
-               const char              *cred,
+               struct berval           *dn,
+               struct berval           *ndn,
+               struct berval           *cred,
                int                     method,
                int                     candidate
 )
@@ -228,18 +228,18 @@ meta_back_do_single_bind(
         * Rewrite the bind dn if needed
         */
        switch ( rewrite_session( li->targets[ candidate ]->rwinfo,
-                               "bindDn", dn, lc->conn, &mdn ) ) {
+                               "bindDn", dn->bv_val, lc->conn, &mdn ) ) {
        case REWRITE_REGEXEC_OK:
                if ( mdn == NULL ) {
-                       mdn = ( char * )dn;
+                       mdn = ( char * )dn->bv_val;
                }
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
-                               "[rw] bindDn: \"%s\" -> \"%s\"\n", dn, mdn ));
+                               "[rw] bindDn: \"%s\" -> \"%s\"\n", dn->bv_val, mdn ));
 #else /* !NEW_LOGGING */
                Debug( LDAP_DEBUG_ARGS,
                                "rw> bindDn: \"%s\" -> \"%s\"\n%s",
-                               dn, mdn, "" );
+                               dn->bv_val, mdn, "" );
 #endif /* !NEW_LOGGING */
                break;
                
@@ -250,22 +250,22 @@ meta_back_do_single_bind(
                return LDAP_OPERATIONS_ERROR;
        }
 
-       rc = ldap_bind_s( lc->conns[ candidate ]->ld, mdn, cred, method );
+       rc = ldap_bind_s( lc->conns[ candidate ]->ld, mdn, cred->bv_val, method );
        if ( rc != LDAP_SUCCESS ) {
                rc = ldap_back_map_result( rc );
        } else {
-               lc->conns[ candidate ]->bound_dn = ch_strdup( dn );
+               lc->conns[ candidate ]->bound_dn = ber_bvdup( dn );
                lc->conns[ candidate ]->bound = META_BOUND;
                lc->bound_target = candidate;
 
                if ( li->cache.ttl != META_DNCACHE_DISABLED
-                               && ndn[ 0 ] != '\0' ) {
+                               && ndn->bv_len != 0 ) {
                        ( void )meta_dncache_update_entry( &li->cache,
-                                       ch_strdup( ndn ), candidate );
+                                       ber_bvdup( ndn ), candidate );
                }
        }
        
-       if ( mdn != dn ) {
+       if ( mdn != dn->bv_val ) {
                free( mdn );
        }
 
@@ -311,7 +311,7 @@ meta_back_dobind( struct metaconn *lc, Operation *op )
                 * (note: if the target was already bound, the anonymous
                 * bind clears the previous bind).
                 */
-               rc = ldap_bind_s( lsc[ 0 ]->ld, lsc[ 0 ]->bound_dn,
+               rc = ldap_bind_s( lsc[ 0 ]->ld, lsc[ 0 ]->bound_dn->bv_val,
                                NULL, LDAP_AUTH_SIMPLE );
                if ( rc != LDAP_SUCCESS ) {
                        
@@ -320,14 +320,14 @@ meta_back_dobind( struct metaconn *lc, Operation *op )
                                        "meta_back_dobind: (anonymous)"
                                        " bind as \"%s\" failed"
                                        " with error \"%s\"\n",
-                                       lsc[ 0 ]->bound_dn,
+                                       lsc[ 0 ]->bound_dn->bv_val,
                                        ldap_err2string( rc ) ));
 #else /* !NEW_LOGGING */
                        Debug( LDAP_DEBUG_ANY,
                                        "==>meta_back_dobind: (anonymous)"
                                        " bind as \"%s\" failed"
                                        " with error \"%s\"\n%s",
-                                       lsc[ 0 ]->bound_dn,
+                                       lsc[ 0 ]->bound_dn->bv_val,
                                        ldap_err2string( rc ), "" );
 #endif /* !NEW_LOGGING */
 
@@ -349,6 +349,32 @@ meta_back_dobind( struct metaconn *lc, Operation *op )
        return( bound > 0 );
 }
 
+/*
+ *
+ */
+int
+meta_back_is_valid( struct metaconn *lc, int candidate )
+{
+       struct metasingleconn   **lsc;
+       int                     i;
+
+       assert( lc );
+
+       if ( candidate < 0 ) {
+               return 0;
+       }
+
+       for ( i = 0, lsc = lc->conns; 
+                       lsc[ 0 ] != NULL && i < candidate; 
+                       ++i, ++lsc );
+       
+       if ( lsc[ 0 ] ) {
+               return( lsc[ 0 ]->ld != NULL );
+       }
+
+       return 0;
+}
+
 /*
  * FIXME: error return must be handled in a cleaner way ...
  */

diff --git a/servers/slapd/back-meta/candidates.c b/servers/slapd/back-meta/candidates.c
index ee2bf0171fa611474acb771c3e59b3a8ffc71cb1..330f5b87469addd52207e6b2a7c218cc25ff7209 100644 (file)
--- a/servers/slapd/back-meta/candidates.c
+++ b/servers/slapd/back-meta/candidates.c
@@ -101,43 +101,14 @@
  */
 int 
 meta_back_is_candidate(
-               const char      *nsuffix,
-               const char      *ndn,
-               int             ndnlen
+               struct berval   *nsuffix,
+               struct berval   *ndn
 )
 {
-       int len = strlen( nsuffix );
-
-       if ( len > ndnlen ) {
+       if ( dnIsSuffix( nsuffix, ndn ) || dnIsSuffix( ndn, nsuffix ) ) {
                /*
                 * suffix longer than dn
                 */
-               if ( ! DN_SEPARATOR( nsuffix[ ( len - ndnlen ) - 1 ] ) ) {
-                       /*
-                        * not a separator begins the possible common part
-                        */
-                       return META_NOT_CANDIDATE;
-               }
-
-               if ( strcmp( &nsuffix[ len - ndnlen ] , ndn ) == 0 ) {
-                       /*
-                        * Got it!
-                        */
-                       return META_CANDIDATE;
-               }
-       }
-
-       if ( len < ndnlen && ! DN_SEPARATOR( ndn[ ( ndnlen - len ) - 1 ] ) ) {
-               /*
-                * not a separator begins the possible common part
-                */
-               return META_NOT_CANDIDATE;
-       }
-
-       if ( strcmp( nsuffix, &ndn[ ndnlen - len ] ) == 0 ) {
-               /*
-                * Got it!
-                */
                return META_CANDIDATE;
        }
 
@@ -154,10 +125,10 @@ meta_back_is_candidate(
 int
 meta_back_count_candidates(
                struct metainfo         *li,
-               const char              *ndn
+               struct berval           *ndn
 )
 {
-       int i, cnt = 0, ndnlen = strlen( ndn );
+       int i, cnt = 0;
 
        /*
         * I know assertions should not check run-time values;
@@ -168,8 +139,7 @@ meta_back_count_candidates(
        assert( li->ntargets != 0 );
 
        for ( i = 0; i < li->ntargets; ++i ) {
-               if ( meta_back_is_candidate( li->targets[ i ]->suffix,
-                                       ndn, ndnlen ) ) {
+               if ( meta_back_is_candidate( li->targets[ i ]->suffix, ndn ) ) {
                        ++cnt;
                }
        }
@@ -186,7 +156,7 @@ meta_back_count_candidates(
 int
 meta_back_is_candidate_unique(
                struct metainfo         *li,
-               const char              *ndn
+               struct berval           *ndn
 )
 {
        return ( meta_back_count_candidates( li, ndn ) == 1 );
@@ -202,10 +172,10 @@ meta_back_is_candidate_unique(
 int
 meta_back_select_unique_candidate(
                struct metainfo         *li,
-               const char              *ndn
+               struct berval           *ndn
 )
 {
-       int i, ndnlen;
+       int i;
        
        switch ( meta_back_count_candidates( li, ndn ) ) {
        case 1:
@@ -216,10 +186,8 @@ meta_back_select_unique_candidate(
                                ? -1 : li->defaulttarget );
        }
 
-       ndnlen = strlen( ndn );
        for ( i = 0; i < li->ntargets; ++i ) {
-               if ( meta_back_is_candidate( li->targets[ i ]->suffix,
-                                       ndn, ndnlen ) ) {
+               if ( meta_back_is_candidate( li->targets[ i ]->suffix, ndn ) ) {
                        return i;
                }
        }
@@ -275,7 +243,7 @@ meta_clear_one_candidate(
        }
 
        if ( lsc->bound_dn != NULL ) {
-               free( lsc->bound_dn );
+               ber_bvfree( lsc->bound_dn );
                lsc->bound_dn = NULL;
        }
 

diff --git a/servers/slapd/back-meta/compare.c b/servers/slapd/back-meta/compare.c
index 192a61e7f34f2927b03ad6b3301bd31144983419..fd009c57dc4d27e297889247ddcfc887051a6b1e 100644 (file)
--- a/servers/slapd/back-meta/compare.c
+++ b/servers/slapd/back-meta/compare.c
@@ -80,8 +80,8 @@ meta_back_compare(
                Backend                 *be,
                Connection              *conn,
                Operation               *op,
-               const char              *dn,
-               const char              *ndn,
+               struct berval           *dn,
+               struct berval           *ndn,
                AttributeAssertion      *ava
 )
 {
@@ -120,19 +120,20 @@ meta_back_compare(
                 * Rewrite the compare dn, if needed
                 */
                switch ( rewrite_session( li->targets[ i ]->rwinfo,
-                                       "compareDn", dn, conn, &mdn ) ) {
+                                       "compareDn", 
+                                       dn->bv_val, conn, &mdn ) ) {
                case REWRITE_REGEXEC_OK:
                        if ( mdn == NULL ) {
-                               mdn = ( char * )dn;
+                               mdn = ( char * )dn->bv_val;
                        }
 #ifdef NEW_LOGGING
                        LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                        "[rw] compareDn: \"%s\" -> \"%s\"\n",
-                                       dn, mdn ));
+                                       dn->bv_val, mdn ));
 #else /* !NEW_LOGGING */
                        Debug( LDAP_DEBUG_ARGS,
                                        "rw> compareDn: \"%s\" -> \"%s\"\n%s",
-                                       dn, mdn, "" );
+                                       dn->bv_val, mdn, "" );
 #endif /* !NEW_LOGGING */
                        break;
                
@@ -185,7 +186,7 @@ meta_back_compare(
                        continue;
                }
 
-               if ( mdn != dn ) {
+               if ( mdn != dn->bv_val ) {
                        free( mdn );
                }
                if ( mapped_attr != ava->aa_desc->ad_cname.bv_val ) {
@@ -243,7 +244,7 @@ meta_back_compare(
                                         * sending to cache ...
                                         */
                                        if ( li->cache.ttl != META_DNCACHE_DISABLED ) {
-                                               ( void )meta_dncache_update_entry( &li->cache, ch_strdup( ndn ), i );
+                                               ( void )meta_dncache_update_entry( &li->cache, ber_bvdup( ndn ), i );
                                        }
 
                                        count++;

diff --git a/servers/slapd/back-meta/config.c b/servers/slapd/back-meta/config.c
index 0cc797f7bf8d4329f951218eeb3bb1a0a79b525e..a21c8d56c99c0fb183164bc34ef7b2826841f409 100644 (file)
--- a/servers/slapd/back-meta/config.c
+++ b/servers/slapd/back-meta/config.c
@@ -137,12 +137,14 @@ meta_back_db_config(
 
        /* URI of server to query */
        if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
-               int i = li->ntargets;
+               int             i = li->ntargets;
 #if 0
-               int j;
+               int             j;
 #endif /* uncomment if uri MUST be a branch of suffix */
-               LDAPURLDesc *ludp;
-               char *last;
+               LDAPURLDesc     *ludp;
+               char            *last;
+               struct berval   dn, *pdn = NULL, *ndn = NULL;
+               int             rc;
                
                if ( argc != 2 ) {
                        fprintf( stderr,
@@ -197,17 +199,33 @@ meta_back_db_config(
                /*
                 * copies and stores uri and suffix
                 */
-               li->targets[ i ]->suffix = ch_strdup( ludp->lud_dn );
+               dn.bv_val = ludp->lud_dn;
+               dn.bv_len = strlen( ludp->lud_dn );
+
+               rc = dnPretty( NULL, &dn, &pdn );
+               if( rc != LDAP_SUCCESS ) {
+                       fprintf( stderr, "%s: line %d: "
+                                       "target '%s' DN is invalid\n",
+                                       fname, lineno, argv[ 1 ] );
+                       return( 1 );
+               }
+
+               rc = dnNormalize( NULL, &dn, &ndn );
+               if( rc != LDAP_SUCCESS ) {
+                       fprintf( stderr, "%s: line %d: "
+                                       "target '%s' DN is invalid\n",
+                                       fname, lineno, argv[ 1 ] );
+                       ber_bvfree( ndn );
+                       return( 1 );
+               }
+
+               li->targets[ i ]->psuffix = pdn;
+               li->targets[ i ]->suffix = ndn;
+
                li->targets[ i ]->uri = ch_strdup( argv[ 1 ] );
-               last = strstr( li->targets[ i ]->uri,
-                               li->targets[ i ]->suffix );
+               last = strstr( li->targets[ i ]->uri, ludp->lud_dn );
                assert( last != NULL );
-               last[ 0 ] = '\0'; /* wasting memory ... */
-               
-               /*
-                * Need to store the suffix in normalized form
-                */
-               (void) dn_normalize( li->targets[ i ]->suffix );
+               last[ 0 ] = '\0';
                
                /*
                 * uri MUST be a branch of suffix!
@@ -241,8 +259,8 @@ meta_back_db_config(
                 * or worked out, at least, in some manner
                 */
                for ( j = 0; j < i-1; j++ ) {
-                       if ( strcmp( li->targets[ i ]->suffix,
-                                       li->targets[ j ]->suffix ) == 0 ) {
+                       if ( strcmp( li->targets[ i ]->suffix->bv_val,
+                                       li->targets[ j ]->suffix->bv_val ) == 0 ) {
                                fprintf( stderr,
        "%s: line %d: naming context \"%s\" already used"
        " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
@@ -254,21 +272,13 @@ meta_back_db_config(
                
                ldap_free_urldesc( ludp );
 
-#ifdef NEW_LOGGING
-               LDAP_LOG(( "config", LDAP_LEVEL_INFO,
-                               "meta_back_db_config:"
-                               " URI \"%s\", suffix \"%s\"\n",
-                               li->targets[ i ]->uri,
-                               li->targets[ i ]->suffix ));
-#else /* !NEW_LOGGING */
-               Debug( LDAP_DEBUG_CONFIG,
-       "==>meta_back_db_config: URI \"%s\", suffix \"%s\"\n%s",
-                       li->targets[ i ]->uri, li->targets[ i ]->suffix, "" );
-#endif /* !NEW_LOGGING */
+               fprintf(stderr, "%s: line %d: URI \"%s\", suffix \"%s\"\n",
+                       fname, lineno, li->targets[ i ]->uri, 
+                       li->targets[ i ]->psuffix->bv_val );
                
        /* default target directive */
        } else if ( strcasecmp( argv[ 0 ], "default-target" ) == 0 ) {
-               int i = li->ntargets-1;
+               int             i = li->ntargets-1;
                
                if ( argc == 1 ) {
                        if ( i < 0 ) {
@@ -319,7 +329,8 @@ meta_back_db_config(
 
        /* name to use for meta_back_group */
        } else if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
-               int i = li->ntargets-1;
+               int             i = li->ntargets-1;
+               struct berval   dn, *ndn = NULL;
 
                if ( i < 0 ) {
                        fprintf( stderr,
@@ -333,11 +344,21 @@ meta_back_db_config(
                                fname, lineno );
                        return 1;
                }
-               li->targets[ i ]->binddn = ch_strdup( argv[ 1 ] );
+
+               dn.bv_val = argv[ 1 ];
+               dn.bv_len = strlen( argv[ 1 ] );
+               if ( dnNormalize( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
+                       fprintf( stderr, "%s: line %d: "
+                                       "bind DN '%s' is invalid\n",
+                                       fname, lineno, argv[ 1 ] );
+                       return( 1 );
+               }
+
+               li->targets[ i ]->binddn = ndn;
 
        /* password to use for meta_back_group */
        } else if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
-               int i = li->ntargets-1;
+               int             i = li->ntargets-1;
 
                if ( i < 0 ) {
                        fprintf( stderr,
@@ -351,11 +372,12 @@ meta_back_db_config(
                            fname, lineno );
                        return 1;
                }
-               li->targets[ i ]->bindpw = ch_strdup( argv[ 1 ] );
+               li->targets[ i ]->bindpw = ber_bvstrdup( argv[ 1 ] );
                
        /* name to use as pseudo-root dn */
        } else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {
-               int i = li->ntargets-1;
+               int             i = li->ntargets-1;
+               struct berval   dn, *ndn = NULL;
 
                if ( i < 0 ) {
                        fprintf( stderr,
@@ -369,11 +391,21 @@ meta_back_db_config(
                                fname, lineno );
                        return 1;
                }
-               li->targets[ i ]->pseudorootdn = ch_strdup( argv[ 1 ] );
+
+               dn.bv_val = argv[ 1 ];
+               dn.bv_len = strlen( argv[ 1 ] );
+               if ( dnNormalize( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
+                       fprintf( stderr, "%s: line %d: "
+                                       "pseudoroot DN '%s' is invalid\n",
+                                       fname, lineno, argv[ 1 ] );
+                       return( 1 );
+               }
+
+               li->targets[ i ]->pseudorootdn = ndn;
 
        /* password to use as pseudo-root */
        } else if ( strcasecmp( argv[ 0 ], "pseudorootpw" ) == 0 ) {
-               int i = li->ntargets-1;
+               int             i = li->ntargets-1;
 
                if ( i < 0 ) {
                        fprintf( stderr,
@@ -387,12 +419,13 @@ meta_back_db_config(
                            fname, lineno );
                        return 1;
                }
-               li->targets[ i ]->pseudorootpw = ch_strdup( argv[ 1 ] );
+               li->targets[ i ]->pseudorootpw = ber_bvstrdup( argv[ 1 ] );
        
        /* dn massaging */
        } else if ( strcasecmp( argv[ 0 ], "suffixmassage" ) == 0 ) {
-               BackendDB *tmp_be;
-               int i = li->ntargets-1;
+               BackendDB       *tmp_be;
+               int             i = li->ntargets-1;
+               struct berval   dn, *ndn = NULL;
 
                if ( i < 0 ) {
                        fprintf( stderr,
@@ -418,8 +451,18 @@ meta_back_db_config(
                                fname, lineno );
                        return 1;
                }
+
+               dn.bv_val = argv[ 1 ];
+               dn.bv_len = strlen( argv[ 1 ] );
+               if ( dnNormalize( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
+                       fprintf( stderr, "%s: line %d: "
+                                       "suffix '%s' is invalid\n",
+                                       fname, lineno, argv[ 1 ] );
+                       return 1;
+               }
                
-               tmp_be = select_backend( argv[ 1 ], 0, 0 );
+               tmp_be = select_backend( ndn, 0, 0 );
+               ber_bvfree( ndn );
                if ( tmp_be != NULL && tmp_be != be ) {
                        fprintf( stderr, 
        "%s: line %d: suffix already in use by another backend in"
@@ -428,7 +471,18 @@ meta_back_db_config(
                        return 1;                                               
                }
 
-               tmp_be = select_backend( argv[ 2 ], 0, 0 );
+               dn.bv_val = argv[ 2 ];
+               dn.bv_len = strlen( argv[ 2 ] );
+               ndn = NULL;
+               if ( dnNormalize( NULL, &dn, &ndn ) != LDAP_SUCCESS ) {
+                       fprintf( stderr, "%s: line %d: "
+                                       "massaged suffix '%s' is invalid\n",
+                                       fname, lineno, argv[ 2 ] );
+                       return 1;
+               }
+               
+               tmp_be = select_backend( ndn, 0, 0 );
+               ber_bvfree( ndn );
                if ( tmp_be != NULL ) {
                        fprintf( stderr,
        "%s: line %d: massaged suffix already in use by another backend in" 
@@ -448,7 +502,7 @@ meta_back_db_config(
                
        /* rewrite stuff ... */
        } else if ( strncasecmp( argv[ 0 ], "rewrite", 7 ) == 0 ) {
-               int i = li->ntargets-1;
+               int             i = li->ntargets-1;
 
                if ( i < 0 ) {
                        fprintf( stderr,
@@ -464,7 +518,7 @@ meta_back_db_config(
                struct ldapmap *map;
                struct ldapmapping *mapping;
                char *src, *dst;
-               int i = li->ntargets-1;
+               int             i = li->ntargets-1;
 
                if ( i < 0 ) {
                        fprintf( stderr,

diff --git a/servers/slapd/back-meta/conn.c b/servers/slapd/back-meta/conn.c
index e703f57698bd50b013a46064346116acfba6eab5..e2d814ace6543160853c7280f0a1b67999546238 100644 (file)
--- a/servers/slapd/back-meta/conn.c
+++ b/servers/slapd/back-meta/conn.c
@@ -275,26 +275,27 @@ init_one_conn(
        /*
         * If the connection dn is not null, an attempt to rewrite it is made
         */
-       if ( conn->c_cdn != NULL && conn->c_cdn[ 0 ] != '\0' ) {
+       if ( conn->c_cdn != 0 ) {
+               char *mdn = NULL;
+               
                /*
                 * Rewrite the bind dn if needed
                 */
                lsc->bound_dn = NULL;
                switch ( rewrite_session( lt->rwinfo, "bindDn",
-                                       conn->c_cdn, conn,
-                                       &lsc->bound_dn ) ) {
+                                       conn->c_cdn, conn, &mdn ) ) {
                case REWRITE_REGEXEC_OK:
-                       if ( lsc->bound_dn == NULL ) {
-                               lsc->bound_dn = ch_strdup( conn->c_cdn );
+                       if ( mdn == NULL ) {
+                               lsc->bound_dn = ber_bvstrdup( conn->c_cdn );
                        }
 #ifdef NEW_LOGGING
                        LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                        "[rw] bindDn: \"%s\" -> \"%s\"\n",
-                                       conn->c_cdn, lsc->bound_dn ));
+                                       conn->c_cdn, lsc->bound_dn->bv_val ));
 #else /* !NEW_LOGGING */
                        Debug( LDAP_DEBUG_ARGS,
-                                       "rw> bindDn: \"%s\" -> \"%s\"\n%s",
-                                       conn->c_cdn, lsc->bound_dn, "" );
+                                       "rw> bindDn: \"%s\" -> \"%s\"\n",
+                                       conn->c_cdn, lsc->bound_dn->bv_val, 0 );
 #endif /* !NEW_LOGGING */
                        break;
                        
@@ -312,8 +313,15 @@ init_one_conn(
                                        NULL, NULL );
                        return LDAP_OPERATIONS_ERROR;
                }
+
+               if ( mdn ) {
+                       lsc->bound_dn = ber_bvstr( mdn );
+               } else {
+                       lsc->bound_dn = ber_bvstrdup( "" );
+               }
+
        } else {
-               lsc->bound_dn = NULL;
+               lsc->bound_dn = ber_bvstrdup( "" );
        }
 
        lsc->bound = META_UNBOUND;
@@ -340,12 +348,11 @@ init_one_conn(
 struct metaconn *
 meta_back_getconn(
                struct metainfo *li,
-               Connection *conn,
-               Operation *op,
-               int op_type,
-               const char *ndn,
-               int *candidate
-               )
+               Connection      *conn,
+               Operation       *op,
+               int             op_type,
+               struct berval   *ndn,
+               int             *candidate )
 {
        struct metaconn *lc, lc_curr;
        int vers, cached = -1, i = -1, err = LDAP_SUCCESS;
@@ -401,11 +408,12 @@ meta_back_getconn(
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
                                "meta_back_getconn: got target %d"
-                               " for ndn=\"%s\" from cache\n", i, ndn ));
+                               " for ndn=\"%s\" from cache\n", 
+                               i, ndn->bv_val ));
 #else /* !NEW_LOGGING */
                Debug( LDAP_DEBUG_CACHE,
        "==>meta_back_getconn: got target %d for ndn=\"%s\" from cache\n%s",
-                               i, ndn, "" );
+                               i, ndn->bv_val, "" );
 #endif /* !NEW_LOGGING */
 
                /*
@@ -467,11 +475,9 @@ meta_back_getconn(
         * if no unique candidate ...
         */
        } else {
-               int ndnlen = strlen( ndn );     
                for ( i = 0; i < li->ntargets; i++ ) {
                        if ( i == cached 
-               || meta_back_is_candidate( li->targets[ i ]->suffix,
-                                       ndn, ndnlen ) ) {
+               || meta_back_is_candidate( li->targets[ i ]->suffix, ndn ) ) {
 
                                /*
                                 * The target is activated; if needed, it is

diff --git a/servers/slapd/back-meta/data/meta-1.ldif b/servers/slapd/back-meta/data/meta-1.ldif
index 1f904653dfe2da8f4cff2464a6eee96ca6eaa1af..23c9b53fd5ba8f2e84cc4ee1d5b2003b046399ed 100644 (file)
--- a/servers/slapd/back-meta/data/meta-1.ldif
+++ b/servers/slapd/back-meta/data/meta-1.ldif
@@ -1,7 +1,9 @@
-dn: ou=People, dc=foo, dc=example, dc=com
+dn: ou=People,dc=foo,dc=example,dc=com
 objectClass: top
+objectClass: organizationalUnit
+ou: People
 
-dn: cn=Ando, ou=People, dc=foo, dc=example, dc=com
+dn: cn=Ando,ou=People,dc=foo,dc=example,dc=com
 objectClass: top
 objectClass: person
 cn: Ando

diff --git a/servers/slapd/back-meta/data/meta-2.ldif b/servers/slapd/back-meta/data/meta-2.ldif
index 7c717eeea74b954913df416fa9182661f6b69037..5c33b76c5f9310b161dafcd3e37c60da21ed549a 100644 (file)
--- a/servers/slapd/back-meta/data/meta-2.ldif
+++ b/servers/slapd/back-meta/data/meta-2.ldif
@@ -1,7 +1,9 @@
-dn: ou=People, dc=bar, dc=example, dc=com
+dn: ou=People,dc=bar,dc=example,dc=com
 objectClass: top
+objectClass: organizationalUnit
+ou: People
 
-dn: cn=Ando, ou=People, dc=bar, dc=example, dc=com
+dn: cn=Ando,ou=People,dc=bar,dc=example,dc=com
 objectClass: top
 objectClass: person
 cn: Ando

diff --git a/servers/slapd/back-meta/data/meta-3.ldif b/servers/slapd/back-meta/data/meta-3.ldif
index 1786b24f015698a97df972725305a7c68ef8d905..7a6668ea8308754376d307247057ff98973865fd 100644 (file)
--- a/servers/slapd/back-meta/data/meta-3.ldif
+++ b/servers/slapd/back-meta/data/meta-3.ldif
@@ -1,11 +1,13 @@
-dn: ou=Groups, dc=bar, dc=example, dc=com
+dn: ou=Groups,dc=bar,dc=example,dc=com
 objectClass: top
+objectClass: organizationalUnit
+ou: Groups
 
-dn: cn=Users, ou=Groups, dc=bar, dc=example, dc=com
+dn: cn=Users,ou=Groups,dc=bar,dc=example,dc=com
 objectClass: top
 objectClass: groupOfNames
 objectClass: simpleSecurityObject
 cn: Users
-member: cn=Users, ou=Groups, dc=bar, dc=example, dc=com
-member: cn=Ando, ou=People, dc=bar, dc=example, dc=com
+member: cn=Users,ou=Groups,dc=bar,dc=example,dc=com
+member: cn=Ando,ou=People,dc=bar,dc=example,dc=com
 userPassword: users

diff --git a/servers/slapd/back-meta/data/setup.sh b/servers/slapd/back-meta/data/setup.sh
index 401001bf3df8697856f76872ec7f68967dfec9bd..178644a55cbb3495cdd9fd12b6dd259b420a209c 100644 (file)
--- a/servers/slapd/back-meta/data/setup.sh
+++ b/servers/slapd/back-meta/data/setup.sh
@@ -27,7 +27,7 @@ ln -s "$SRCDIR/libraries/liblunicode" ucdata
 for i in 1 2 3 ; do
        echo "Feeding directory $i"
        mkdir -p "$METADBDIR/$i"
-       $SLAPADD -f $ADDCONF -n $i -l meta-$i.ldif
+       $SLAPADD -f $ADDCONF -n `expr $i + 1` -l meta-$i.ldif
 done
 
 echo ""

diff --git a/servers/slapd/back-meta/data/slapd-ldap-raw.conf b/servers/slapd/back-meta/data/slapd-ldap-raw.conf
index d83decac051b7181e5bea22810689a618b80c59a..856412ef18d6684a48f78e03523fad6d5edf027e 100644 (file)
--- a/servers/slapd/back-meta/data/slapd-ldap-raw.conf
+++ b/servers/slapd/back-meta/data/slapd-ldap-raw.conf
@@ -4,8 +4,8 @@
 
 database       ldap
 uri            "ldap://localhost:@PORT@/"
-suffix         "o=FB, c=US"
-suffixmassage  "o=FB, c=US" "ou=Groups, dc=bar, dc=example, dc=com"
+suffix         "o=FB,c=US"
+suffixmassage  "o=FB,c=US" "ou=Groups,dc=bar,dc=example,dc=com"
 lastmod                off
 
 access to dn.regex="[^,]+,o=FB,c=US" attr=cn

diff --git a/servers/slapd/back-meta/data/slapd-ldbm.conf b/servers/slapd/back-meta/data/slapd-ldbm.conf
index 8ca31453ab84333cb250b4abb7e9bb61d639af01..6b6c17a48174ea7096efb5185475fef66b79eda1 100644 (file)
--- a/servers/slapd/back-meta/data/slapd-ldbm.conf
+++ b/servers/slapd/back-meta/data/slapd-ldbm.conf
@@ -7,23 +7,23 @@
 #######################################################################
 
 database       ldbm
-suffix         "ou=People, dc=foo, dc=example, dc=com"
-rootdn         "cn=Root, ou=People, dc=foo, dc=example, dc=com"
+suffix         "ou=People,dc=foo,dc=example,dc=com"
+rootdn         "cn=Root,ou=People,dc=foo,dc=example,dc=com"
 rootpw         ldap
 directory      ./meta-db/1
 lastmod                on
 index          objectClass     pres,eq
 
 database       ldbm
-suffix         "ou=People, dc=bar, dc=example, dc=com"
-rootdn         "cn=Root, ou=People, dc=bar, dc=example, dc=com"
+suffix         "ou=People,dc=bar,dc=example,dc=com"
+rootdn         "cn=Root,ou=People,dc=bar,dc=example,dc=com"
 rootpw         ldap
 directory      ./meta-db/2
 index          objectClass     pres,eq
 
 database       ldbm
-suffix         "ou=Groups, dc=bar, dc=example, dc=com"
-rootdn         "cn=Root, ou=Groups, dc=bar, dc=example, dc=com"
+suffix         "ou=Groups,dc=bar,dc=example,dc=com"
+rootdn         "cn=Root,ou=Groups,dc=bar,dc=example,dc=com"
 rootpw         ldap
 directory      ./meta-db/3
 index          objectClass     pres,eq

diff --git a/servers/slapd/back-meta/data/slapd-meta-plain.conf b/servers/slapd/back-meta/data/slapd-meta-plain.conf
index 9e242d68de4c2e86307d3ff5fe0627a86779b9aa..78b6cd90ee959df17b8f78e0a8e279d7bb743331 100644 (file)
--- a/servers/slapd/back-meta/data/slapd-meta-plain.conf
+++ b/servers/slapd/back-meta/data/slapd-meta-plain.conf
@@ -35,9 +35,9 @@ include               ./slapd-ldap.conf
 #######################################################################
 
 database       meta
-suffix         "dc=example, dc=com"
+suffix         "dc=example,dc=com"
 dncache-ttl    forever
-uri            "ldap://localhost:@PORT@/ou=People, dc=foo, dc=example, dc=com"
-uri            "ldap://localhost:@PORT@/ou=People, dc=bar, dc=example, dc=com"
-uri            "ldap://localhost:@PORT@/ou=Groups, dc=bar, dc=example, dc=com"
+uri            "ldap://localhost:@PORT@/ou=People,dc=foo,dc=example,dc=com"
+uri            "ldap://localhost:@PORT@/ou=People,dc=bar,dc=example,dc=com"
+uri            "ldap://localhost:@PORT@/ou=Groups,dc=bar,dc=example,dc=com"
 

diff --git a/servers/slapd/back-meta/data/slapd-meta-rewrite.conf b/servers/slapd/back-meta/data/slapd-meta-rewrite.conf
index 2134ef0ddee9a7c48fccf016c6d395efd20bdd1b..9d9509007db976243d5638c234cc55b42995fd2f 100644 (file)
--- a/servers/slapd/back-meta/data/slapd-meta-rewrite.conf
+++ b/servers/slapd/back-meta/data/slapd-meta-rewrite.conf
@@ -31,58 +31,58 @@ access to *
        by * read
 
 #######################################################################
-# ldbm database definitions
+# ldap database with suffix massage definitions
 #######################################################################
 
-include                ./slapd-ldbm.conf
+include                ./slapd-ldap.conf
 
 #######################################################################
-# ldap database with suffix massage definitions
+# ldbm database definitions
 #######################################################################
 
-include                ./slapd-ldap.conf
+include                ./slapd-ldbm.conf
 
 #######################################################################
 # meta database definitions
 #######################################################################
 
 database       meta
-suffix         "o=Foo Bar, c=US"
+suffix         "o=Foo Bar,c=US"
 dncache-ttl    forever
 lastmod                off
 rootdn         "cn=root,o=Foo Bar,c=US"
 rootpw         foo
 
-uri            "ldap://localhost:@PORT@/ou=People, dc=foo, o=Foo Bar, c=US"
-pseudorootdn   "cn=Root, ou=People, dc=foo, dc=example, dc=com"
+uri            "ldap://localhost:@PORT@/ou=People,dc=foo,o=Foo Bar,c=US"
+pseudorootdn   "cn=Root,ou=People,dc=foo,dc=example,dc=com"
 pseudorootpw   ldap
 rewriteEngine  on
 rewriteContext default
-rewriteRule    "(.*)o=Foo Bar,[ ]?c=US" "%1dc=example, dc=com"
+rewriteRule    "(.*)o=Foo Bar,[ ]?c=US" "%1dc=example,dc=com"
 rewriteContext searchResult
-rewriteRule    "(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar, c=US"
+rewriteRule    "(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar,c=US"
 rewriteContext searchFilter
 rewriteRule    "(.*)member=([^)]+),o=Foo Bar,[ ]?c=US(.*)" "%1member=%2,dc=example,dc=com%3"
 
-uri            "ldap://localhost:@PORT@/ou=People, dc=bar, o=Foo Bar, c=US"
-pseudorootdn   "cn=Root, ou=People, dc=bar, dc=example, dc=com"
+uri            "ldap://localhost:@PORT@/ou=People,dc=bar,o=Foo Bar,c=US"
+pseudorootdn   "cn=Root,ou=People,dc=bar,dc=example,dc=com"
 pseudorootpw   ldap
 rewriteEngine  on
 rewriteContext default
-rewriteRule    "(.*)o=Foo Bar,[ ]?c=US" "%1dc=example, dc=com"
+rewriteRule    "(.*)o=Foo Bar,[ ]?c=US" "%1dc=example,dc=com"
 rewriteContext searchResult
-rewriteRule    "(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar, c=US"
+rewriteRule    "(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar,c=US"
 rewriteContext searchFilter
 rewriteRule    "(.*)member=([^)]+),o=Foo Bar,[ ]?c=US(.*)" "%1member=%2,dc=example,dc=com%3"
 default-target
 map            attribute givenName sn
 
-uri            "ldap://localhost:@PORT@/ou=Groups, dc=bar, o=Foo Bar, c=US"
+uri            "ldap://localhost:@PORT@/ou=Groups,dc=bar,o=Foo Bar,c=US"
 rewriteEngine  on
 rewriteContext default
-rewriteRule    "(.*)o=Foo Bar,[ ]?c=US" "%1dc=example, dc=com"
+rewriteRule    "(.*)o=Foo Bar,[ ]?c=US" "%1dc=example,dc=com"
 rewriteContext searchResult
-rewriteRule    "(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar, c=US"
+rewriteRule    "(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar,c=US"
 rewriteContext searchFilter
 rewriteRule    "(.*)member=([^)]+),o=Foo Bar,[ ]?c=US(.*)" "%1member=%2,dc=example,dc=com%3"
 

diff --git a/servers/slapd/back-meta/delete.c b/servers/slapd/back-meta/delete.c
index 6f47e91fbbfac6e5319165ab839ca5aacb1c2245..266dc821b315ae0907f519a07bca8fbdbea2dafa 100644 (file)
--- a/servers/slapd/back-meta/delete.c
+++ b/servers/slapd/back-meta/delete.c
@@ -80,8 +80,8 @@ meta_back_delete(
                Backend         *be,
                Connection      *conn,
                Operation       *op,
-               const char      *dn,
-               const char      *ndn
+               struct berval   *dn,
+               struct berval   *ndn
 )
 {
        struct metainfo *li = ( struct metainfo * )be->be_private;
@@ -92,7 +92,9 @@ meta_back_delete(
 
        lc = meta_back_getconn( li, conn, op, META_OP_REQUIRE_SINGLE,
                        ndn, &candidate );
-       if ( !lc || !meta_back_dobind( lc, op ) ) {
+       if ( !lc || !meta_back_dobind( lc, op ) || !meta_back_is_valid( lc, candidate ) ) {
+               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+                               NULL, NULL, NULL, NULL );
                return -1;
        }
 
@@ -100,18 +102,18 @@ meta_back_delete(
         * Rewrite the compare dn, if needed
         */
        switch ( rewrite_session( li->targets[ candidate ]->rwinfo,
-                               "deleteDn", dn, conn, &mdn ) ) {
+                               "deleteDn", dn->bv_val, conn, &mdn ) ) {
        case REWRITE_REGEXEC_OK:
                if ( mdn == NULL ) {
-                       mdn = ( char * )dn;
+                       mdn = ( char * )dn->bv_val;
                }
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                "[rw] deleteDn: \"%s\" -> \"%s\"\n",
-                               dn, mdn ));
+                               dn->bv_val, mdn ));
 #else /* !NEW_LOGGING */
                Debug( LDAP_DEBUG_ARGS, "rw> deleteDn: \"%s\" -> \"%s\"\n%s",
-                               dn, mdn, "" );
+                               dn->bv_val, mdn, "" );
 #endif /* !NEW_LOGGING */
                break;
                
@@ -128,7 +130,7 @@ meta_back_delete(
        
        ldap_delete_s( lc->conns[ candidate ]->ld, mdn );
 
-       if ( mdn != dn ) {
+       if ( mdn != dn->bv_val ) {
                free( mdn );
        }
        

diff --git a/servers/slapd/back-meta/dncache.c b/servers/slapd/back-meta/dncache.c
index febb96341491c3cd2c7bc643a5276c68a6299413..a37d1e7706e39956c8356ff9887f97b4a6abd0f9 100644 (file)
--- a/servers/slapd/back-meta/dncache.c
+++ b/servers/slapd/back-meta/dncache.c
@@ -77,10 +77,10 @@
  */
 
 struct metadncacheentry {
-       char *dn;
-       int target;
+       struct berval   *dn;
+       int             target;
 
-       time_t lastupdated;
+       time_t          lastupdated;
 };
 
 /*
@@ -98,11 +98,13 @@ meta_dncache_cmp(
 {
        struct metadncacheentry *cc1 = ( struct metadncacheentry * )c1;
        struct metadncacheentry *cc2 = ( struct metadncacheentry * )c2;
+
+       int                     d = cc1->dn->bv_len - cc2->dn->bv_len;
        
        /*
         * case sensitive, because the dn MUST be normalized
         */
-       return strcmp( cc1->dn, cc2->dn );
+       return d != 0 ? d : strcmp( cc1->dn->bv_val, cc2->dn->bv_val );
 }
 
 /*
@@ -120,10 +122,15 @@ meta_dncache_dup(
        struct metadncacheentry *cc1 = ( struct metadncacheentry * )c1;
        struct metadncacheentry *cc2 = ( struct metadncacheentry * )c2;
        
+       int                     d = cc1->dn->bv_len - cc2->dn->bv_len;
+       int                     cmp;
+       
        /*
         * case sensitive, because the dn MUST be normalized
         */
-       return ( strcmp( cc1->dn, cc2->dn ) == 0 ) ? -1 : 0;
+       cmp = d != 0 ? d : strcmp( cc1->dn->bv_val, cc2->dn->bv_val );
+
+       return ( cmp == 0 ) ? -1 : 0;
 }
 
 /*
@@ -135,14 +142,14 @@ meta_dncache_dup(
 int
 meta_dncache_get_target(
                struct metadncache      *cache,
-               const char              *ndn
+               struct berval           *ndn
 )
 {
        struct metadncacheentry tmp_entry, *entry;
        time_t curr_time;
        int target = -1;
 
-       tmp_entry.dn = ( char * )ndn;
+       tmp_entry.dn = ndn;
        ldap_pvt_thread_mutex_lock( &cache->mutex );
        entry = ( struct metadncacheentry * )avl_find( cache->tree,
                        ( caddr_t )&tmp_entry, meta_dncache_cmp );
@@ -182,7 +189,7 @@ meta_dncache_get_target(
 int
 meta_dncache_update_entry(
                struct metadncache      *cache,
-               const char              *ndn,
+               struct berval           *ndn,
                int                     target
 )
 {
@@ -203,7 +210,7 @@ meta_dncache_update_entry(
                curr_time = time( NULL );
        }
 
-       tmp_entry.dn = ( char * )ndn;
+       tmp_entry.dn = ndn;
 
        ldap_pvt_thread_mutex_lock( &cache->mutex );
        entry = ( struct metadncacheentry * )avl_find( cache->tree,
@@ -219,7 +226,7 @@ meta_dncache_update_entry(
                        return -1;
                }
 
-               entry->dn = ch_strdup( ndn );
+               entry->dn = ber_bvdup( ndn );
                if ( entry->dn == NULL ) {
                        ldap_pvt_thread_mutex_unlock( &cache->mutex );
                        return -1;
@@ -244,12 +251,12 @@ meta_dncache_update_entry(
 int
 meta_dncache_delete_entry(
                struct metadncache      *cache,
-               const char              *ndn
+               struct berval           *ndn
 )
 {
        struct metadncacheentry *entry, tmp_entry;
 
-       tmp_entry.dn = ( char * )ndn;
+       tmp_entry.dn = ndn;
 
        ldap_pvt_thread_mutex_lock( &cache->mutex );
        entry = avl_delete( &cache->tree, ( caddr_t )&tmp_entry,
@@ -276,6 +283,6 @@ meta_dncache_free(
 {
        struct metadncacheentry *entry = ( struct metadncacheentry * )e;
 
-       free( entry->dn );
+       ber_bvfree( entry->dn );
 }
 

diff --git a/servers/slapd/back-meta/group.c b/servers/slapd/back-meta/group.c
index 56cf41fe8638c74ee6c0b5a0f3d33192fb71acd6..5fa6526ad566e1c352fd4a73af441251c52fef6a 100644 (file)
--- a/servers/slapd/back-meta/group.c
+++ b/servers/slapd/back-meta/group.c
@@ -86,8 +86,8 @@ meta_back_group(
                Connection              *conn,
                Operation               *op,
                Entry                   *target,
-               const char              *gr_ndn,
-               const char              *op_ndn,
+               struct berval           *gr_ndn,
+               struct berval           *op_ndn,
                ObjectClass             *group_oc,
                AttributeDescription    *group_at
 )
@@ -95,8 +95,6 @@ meta_back_group(
        struct metainfo *li = ( struct metainfo * )be->be_private;    
        int rc = 1, candidate;
        Attribute   *attr;
-       struct berval bv;
-
        AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass;
        LDAPMessage     *result;
        char *gattr[ 2 ];
@@ -113,7 +111,7 @@ meta_back_group(
                group_oc_name = group_oc->soc_oid;
        }
 
-       if ( target != NULL && strcmp( target->e_ndn, gr_ndn ) == 0 ) {
+       if ( target != NULL && strcmp( target->e_nname.bv_val, gr_ndn->bv_val ) == 0 ) {
                /* we already have a copy of the entry */
                /* attribute and objectclass mapping has already been done */
 
@@ -142,9 +140,8 @@ meta_back_group(
                         */
                        attr = attr_find( target->e_attrs, group_at );
                        if ( attr != NULL ) {
-                               bv.bv_val = ( char * )op_ndn;
-                               bv.bv_len = strlen( op_ndn );         
-                               rc = value_find( group_at, attr->a_vals, &bv );
+                               rc = value_find( group_at, attr->a_vals, 
+                                               op_ndn );
                                if ( rc != LDAP_SUCCESS ) {
                                        return 1;
                                }
@@ -162,21 +159,21 @@ meta_back_group(
         * Rewrite the op ndn if needed
         */
        switch ( rewrite_session( li->targets[ candidate ]->rwinfo, "bindDn",
-                               op_ndn, conn, &mop_ndn ) ) {
+                               op_ndn->bv_val, conn, &mop_ndn ) ) {
        case REWRITE_REGEXEC_OK:
                if ( mop_ndn == NULL ) {
-                       mop_ndn = ( char * )op_ndn;
+                       mop_ndn = ( char * )op_ndn->bv_val;
                }
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                "[rw] bindDn (op ndn in group):"
                                 \"%s\" -> \"%s\"\n",
-                                op_ndn, mop_ndn ));
+                                op_ndn->bv_val, mop_ndn));
 #else /* !NEW_LOGGING */
                Debug( LDAP_DEBUG_ARGS,
                                "rw> bindDn (op ndn in group):"
                                " \"%s\" -> \"%s\"\n%s",
-                               op_ndn, mop_ndn, "" );
+                               op_ndn->bv_val, mop_ndn, "" );
 #endif /* !NEW_LOGGING */
                break;
                
@@ -192,21 +189,21 @@ meta_back_group(
         */
        switch ( rewrite_session( li->targets[ candidate ]->rwinfo,
                                "searchBase",
-                               gr_ndn, conn, &mgr_ndn ) ) {
+                               gr_ndn->bv_val, conn, &mgr_ndn ) ) {
        case REWRITE_REGEXEC_OK:
                if ( mgr_ndn == NULL ) {
-                       mgr_ndn = ( char * )gr_ndn;
+                       mgr_ndn = ( char * )gr_ndn->bv_val;
                }
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                "[rw] searchBase (gr ndn in group):"
                                " \"%s\" -> \"%s\"\n",
-                               gr_ndn, mgr_ndn ));
+                               gr_ndn->bv_val, mgr_ndn ));
 #else /* !NEW_LOGGING */
                Debug( LDAP_DEBUG_ARGS,
                                "rw> searchBase (gr ndn in group):"
                                " \"%s\" -> \"%s\"\n%s",
-                               gr_ndn, mgr_ndn, "" );
+                               gr_ndn->bv_val, mgr_ndn, "" );
 #endif /* !NEW_LOGGING */
                break;
                
@@ -241,8 +238,9 @@ meta_back_group(
                goto cleanup;
        }
 
-       rc = ldap_bind_s( ld, li->targets[ candidate ]->binddn,
-                       li->targets[ candidate ]->bindpw, LDAP_AUTH_SIMPLE );
+       rc = ldap_bind_s( ld, li->targets[ candidate ]->binddn->bv_val,
+                       li->targets[ candidate ]->bindpw->bv_val, 
+                       LDAP_AUTH_SIMPLE );
        if ( rc != LDAP_SUCCESS ) {
                goto cleanup;
        }
@@ -274,10 +272,10 @@ cleanup:;
        if ( filter != NULL ) {
                ch_free( filter );
        }
-       if ( mop_ndn != op_ndn ) {
+       if ( mop_ndn != op_ndn->bv_val ) {
                free( mop_ndn );
        }
-       if ( mgr_ndn != gr_ndn ) {
+       if ( mgr_ndn != gr_ndn->bv_val ) {
                free( mgr_ndn );
        }
 

diff --git a/servers/slapd/back-meta/init.c b/servers/slapd/back-meta/init.c
index 4e30347442d0a39c3cc9abe58278cd9c63410968..a68519eeab7af7bb47919536a8401f3f5f3fcba5 100644 (file)
--- a/servers/slapd/back-meta/init.c
+++ b/servers/slapd/back-meta/init.c
@@ -165,7 +165,7 @@ conn_free(
                        ldap_unbind( lsc[ 0 ]->ld );
                }
                if ( lsc[ 0 ]->bound_dn ) {
-                       free( lsc[ 0 ]->bound_dn );
+                       ber_bvfree( lsc[ 0 ]->bound_dn );
                }
                free( lsc[ 0 ] );
        }
@@ -181,11 +181,23 @@ target_free(
        if ( lt->uri ) {
                free( lt->uri );
        }
+       if ( lt->psuffix ) {
+               ber_bvfree( lt->psuffix );
+       }
+       if ( lt->suffix ) {
+               ber_bvfree( lt->suffix );
+       }
        if ( lt->binddn ) {
-               free( lt->binddn );
+               ber_bvfree( lt->binddn );
        }
        if ( lt->bindpw ) {
-               free( lt->bindpw );
+               ber_bvfree( lt->bindpw );
+       }
+       if ( lt->pseudorootdn ) {
+               ber_bvfree( lt->pseudorootdn );
+       }
+       if ( lt->pseudorootpw ) {
+               ber_bvfree( lt->pseudorootpw );
        }
        if ( lt->rwinfo ) {
                rewrite_info_delete( lt->rwinfo );

diff --git a/servers/slapd/back-meta/modify.c b/servers/slapd/back-meta/modify.c
index 7fc8b8e6e32b01f87931ed827d095ebf09213768..db1ee00a64ab650627c945efc1cd5716fe362e16 100644 (file)
--- a/servers/slapd/back-meta/modify.c
+++ b/servers/slapd/back-meta/modify.c
@@ -80,8 +80,8 @@ meta_back_modify(
                Backend *be,
                Connection      *conn,
                Operation       *op,
-               const char      *dn,
-               const char      *ndn,
+               struct berval   *dn,
+               struct berval   *ndn,
                Modifications   *modlist
 )
 {
@@ -95,7 +95,9 @@ meta_back_modify(
 
        lc = meta_back_getconn( li, conn, op, META_OP_REQUIRE_SINGLE,
                        ndn, &candidate );
-       if ( !lc || !meta_back_dobind( lc, op ) ) {
+       if ( !lc || !meta_back_dobind( lc, op ) || !meta_back_is_valid( lc, candidate ) ) {
+               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+                               NULL, NULL, NULL, NULL );
                return -1;
        }
 
@@ -103,18 +105,18 @@ meta_back_modify(
         * Rewrite the modify dn, if needed
         */
        switch ( rewrite_session( li->targets[ candidate ]->rwinfo,
-                               "modifyDn", dn, conn, &mdn ) ) {
+                               "modifyDn", dn->bv_val, conn, &mdn ) ) {
        case REWRITE_REGEXEC_OK:
                if ( mdn == NULL ) {
-                       mdn = ( char * )dn;
+                       mdn = ( char * )dn->bv_val;
                }
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                "[rw] modifyDn: \"%s\" -> \"%s\"\n",
-                               dn, mdn ));
+                               dn->bv_val, mdn ));
 #else /* !NEW_LOGGING */
                Debug( LDAP_DEBUG_ARGS, "rw> modifyDn: \"%s\" -> \"%s\"\n%s",
-                               dn, mdn, "" );
+                               dn->bv_val, mdn, "" );
 #endif /* !NEW_LOGGING */
                break;
                
@@ -134,7 +136,7 @@ meta_back_modify(
 
        mods = ch_malloc( sizeof( LDAPMod )*i );
        if ( mods == NULL ) {
-               if ( mdn != dn ) {
+               if ( mdn != dn->bv_val ) {
                        free( mdn );
                }
                return -1;
@@ -142,7 +144,7 @@ meta_back_modify(
        modv = ( LDAPMod ** )ch_malloc( ( i + 1 )*sizeof( LDAPMod * ) );
        if ( modv == NULL ) {
                free( mods );
-               if ( mdn != dn ) {
+               if ( mdn != dn->bv_val ) {
                        free( mdn );
                }
                return -1;
@@ -194,7 +196,7 @@ meta_back_modify(
 
        ldap_modify_s( lc->conns[ candidate ]->ld, mdn, modv );
 
-       if ( mdn != dn ) {
+       if ( mdn != dn->bv_val ) {
                free( mdn );
        }
        free( mods );

diff --git a/servers/slapd/back-meta/modrdn.c b/servers/slapd/back-meta/modrdn.c
index 3528a52072b00c4b525ea8cf967896bc17740594..cd52af743baba2ba185f1ddf9020b258cbf918c2 100644 (file)
--- a/servers/slapd/back-meta/modrdn.c
+++ b/servers/slapd/back-meta/modrdn.c
@@ -80,11 +80,13 @@ meta_back_modrdn(
                Backend         *be,
                Connection      *conn,
                Operation       *op,
-               const char      *dn,
-               const char      *ndn,
-               const char      *newrdn,
+               struct berval   *dn,
+               struct berval   *ndn,
+               struct berval   *newrdn,
+               struct berval   *nnewrdn,
                int             deleteoldrdn,
-               const char      *newSuperior
+               struct berval   *newSuperior,
+               struct berval   *nnewSuperior
 )
 {
        struct metainfo *li = ( struct metainfo * )be->be_private;
@@ -95,7 +97,9 @@ meta_back_modrdn(
 
        lc = meta_back_getconn( li, conn, op, META_OP_REQUIRE_SINGLE,
                        ndn, &candidate );
-       if ( !lc || !meta_back_dobind( lc, op ) ) {
+       if ( !lc || !meta_back_dobind( lc, op ) || !meta_back_is_valid( lc, candidate ) ) {
+               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR,
+                               NULL, NULL, NULL, NULL );
                return -1;
        }
 
@@ -131,7 +135,9 @@ meta_back_modrdn(
                 */
                switch ( rewrite_session( li->targets[ nsCandidate ]->rwinfo,
                                        "newSuperiorDn",
-                                       newSuperior, conn, &mnewSuperior ) ) {
+                                       newSuperior->bv_val, 
+                                       conn, 
+                                       &mnewSuperior ) ) {
                case REWRITE_REGEXEC_OK:
                        if ( mnewSuperior == NULL ) {
                                mnewSuperior = ( char * )newSuperior;
@@ -144,7 +150,7 @@ meta_back_modrdn(
 #else /* !NEW_LOGGING */
                        Debug( LDAP_DEBUG_ARGS, "rw> newSuperiorDn:"
                                        " \"%s\" -> \"%s\"\n%s",
-                                       newSuperior, mnewSuperior, "" );
+                                       newSuperior->bv_val, mnewSuperior, "" );
 #endif /* !NEW_LOGGING */
                        break;
 
@@ -164,18 +170,18 @@ meta_back_modrdn(
         * Rewrite the modrdn dn, if required
         */
        switch ( rewrite_session( li->targets[ candidate ]->rwinfo,
-                               "modrDn", dn, conn, &mdn ) ) {
+                               "modrDn", dn->bv_val, conn, &mdn ) ) {
        case REWRITE_REGEXEC_OK:
                if ( mdn == NULL ) {
-                       mdn = ( char * )dn;
+                       mdn = ( char * )dn->bv_val;
                }
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                "[rw] modrDn: \"%s\" -> \"%s\"\n",
-                               dn, mdn ));
+                               dn->bv_val, mdn ));
 #else /* !NEW_LOGGING */
                Debug( LDAP_DEBUG_ARGS, "rw> modrDn: \"%s\" -> \"%s\"\n%s",
-                               dn, mdn, "" );
+                               dn->bv_val, mdn, "" );
 #endif /* !NEW_LOGGING */
                break;
                
@@ -190,13 +196,13 @@ meta_back_modrdn(
                return -1;
        }
 
-       ldap_rename2_s( lc->conns[ candidate ]->ld, mdn, newrdn,
+       ldap_rename2_s( lc->conns[ candidate ]->ld, mdn, newrdn->bv_val,
                        mnewSuperior, deleteoldrdn );
 
-       if ( mdn != dn ) {
+       if ( mdn != dn->bv_val ) {
                free( mdn );
        }
-       if ( mnewSuperior != NULL && mnewSuperior != newSuperior ) {
+       if ( mnewSuperior != NULL && mnewSuperior != newSuperior->bv_val ) {
                free( mnewSuperior );
        }
        

diff --git a/servers/slapd/back-meta/search.c b/servers/slapd/back-meta/search.c
index 026159ced0fb2baea22b33f3551c456519c41fd2..d6723cc2b6377d364f47b7a6c68432aed2e71cde 100644 (file)
--- a/servers/slapd/back-meta/search.c
+++ b/servers/slapd/back-meta/search.c
@@ -84,14 +84,14 @@ meta_send_entry(
                struct metaconn *lc,
                int             i,
                LDAPMessage     *e,
-               struct berval           **attrs,
+               struct berval   **attrs,
                int             attrsonly
 );
 
 static int
 is_one_level_rdn(
-               const char *rdn,
-               int len
+               const char      *rdn,
+               int             from
 );
 
 int
@@ -99,15 +99,15 @@ meta_back_search(
                Backend         *be,
                Connection      *conn,
                Operation       *op,
-               const char      *base,
-               const char      *nbase,
+               struct berval   *base,
+               struct berval   *nbase,
                int             scope,
                int             deref,
                int             slimit,
                int             tlimit,
                Filter          *filter,
                const char      *filterstr,
-               struct berval           **attrs,
+               struct berval   **attrs,
                int             attrsonly
 )
 {
@@ -121,7 +121,7 @@ meta_back_search(
        char *mbase = NULL, *mfilter = NULL, *mmatch = NULL, 
                *mapped_filter = NULL, **mapped_attrs = NULL;
                
-       int i, last = 0, candidates = 0, nbaselen, op_type;
+       int i, last = 0, candidates = 0, op_type;
        struct slap_limits_set *limit = NULL;
        int isroot = 0;
 
@@ -146,8 +146,6 @@ meta_back_search(
                return -1;
        }
        
-       nbaselen = strlen( nbase );
-
        /* if not root, get appropriate limits */
        if ( be_isroot( be, &op->o_ndn ) ) {
                isroot = 1;
@@ -195,7 +193,7 @@ meta_back_search(
         * Inits searches
         */
        for ( i = 0, lsc = lc->conns; lsc[ 0 ] != NULL; ++i, ++lsc ) {
-               char *realbase = ( char * )base;
+               char *realbase = ( char * )base->bv_val;
                int realscope = scope;
                int suffixlen;
                
@@ -219,8 +217,8 @@ meta_back_search(
                /*
                 * modifies the base according to the scope, if required
                 */
-               suffixlen = strlen( li->targets[ i ]->suffix );
-               if ( suffixlen > nbaselen ) {
+               suffixlen = li->targets[ i ]->suffix->bv_len;
+               if ( suffixlen > nbase->bv_len ) {
                        switch ( scope ) {
                        case LDAP_SCOPE_SUBTREE:
                                /*
@@ -229,9 +227,9 @@ meta_back_search(
                                 * illegal bases may be turned into 
                                 * the suffix of the target.
                                 */
-                               if ( dn_issuffix( li->targets[ i ]->suffix,
+                               if ( dnIsSuffix( li->targets[ i ]->suffix,
                                                nbase ) ) {
-                                       realbase = li->targets[ i ]->suffix;
+                                       realbase = li->targets[ i ]->suffix->bv_val;
                                } else {
                                        /*
                                         * this target is no longer candidate
@@ -242,15 +240,15 @@ meta_back_search(
                                break;
 
                        case LDAP_SCOPE_ONELEVEL:
-                               if ( is_one_level_rdn( li->targets[ i ]->suffix,
-                                               suffixlen-nbaselen-1) 
-                       && dn_issuffix( li->targets[ i ]->suffix, nbase ) ) {
+                               if ( is_one_level_rdn( li->targets[ i ]->suffix->bv_val,
+                                               suffixlen - nbase->bv_len - 1 ) 
+                       && dnIsSuffix( li->targets[ i ]->suffix, nbase ) ) {
                                        /*
                                         * if there is exactly one level,
                                         * make the target suffix the new
                                         * base, and make scope "base"
                                         */
-                                       realbase = li->targets[ i ]->suffix;
+                                       realbase = li->targets[ i ]->suffix->bv_val;
                                        realscope = LDAP_SCOPE_BASE;
                                        break;
                                } /* else continue with the next case */
@@ -278,10 +276,10 @@ meta_back_search(
 #ifdef NEW_LOGGING
                LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                "[rw] searchBase: \"%s\" -> \"%s\"\n",
-                               base, mbase ));
+                               base->bv_val, mbase ));
 #else /* !NEW_LOGGING */
                Debug( LDAP_DEBUG_ARGS, "rw> searchBase: \"%s\" -> \"%s\"\n%s",
-                               base, mbase, "" );
+                               base->bv_val, mbase, "" );
 #endif /* !NEW_LOGGING */
                break;
                
@@ -352,8 +350,13 @@ meta_back_search(
                 */
                mapped_attrs = ldap_back_map_attrs( &li->targets[ i ]->at_map,
                                attrs, 0 );
-               if ( mapped_attrs == NULL ) {
-                       mapped_attrs = attrs;
+               if ( mapped_attrs == NULL && attrs) {
+                       for ( count = 0; attrs[ count ]; count++ );
+                       mapped_attrs = ch_malloc( ( count + 1 ) * sizeof(char *));
+                       for ( count = 0; attrs[ count ]; count++ ) {
+                               mapped_attrs[ count ] = attrs[ count ]->bv_val;
+                       }
+                       mapped_attrs[ count ] = NULL;
                }
 
                /*
@@ -366,8 +369,8 @@ meta_back_search(
                        continue;
                }
 
-               if ( mapped_attrs != attrs ) {
-                       charray_free( mapped_attrs );
+               if ( mapped_attrs ) {
+                       free( mapped_attrs );
                        mapped_attrs = NULL;
                }
                if ( mapped_filter != mfilter ) {
@@ -564,24 +567,25 @@ finish:;
 
 static void
 meta_send_entry(
-               Backend *be,
-               Operation *op,
+               Backend         *be,
+               Operation       *op,
                struct metaconn *lc,
-               int target,
-               LDAPMessage *e,
-               struct berval **attrs,
-               int attrsonly
+               int             target,
+               LDAPMessage     *e,
+               struct berval   **attrs,
+               int             attrsonly
 )
 {
-       struct metainfo *li = ( struct metainfo * )be->be_private;
-       char *a, *mapped;
-       Entry ent;
-       BerElement *ber = NULL;
-       Attribute *attr, **attrp;
-       struct berval *dummy = NULL;
-       struct berval *bv;
-       const char *text;
-       char *dn;
+       struct metainfo         *li = ( struct metainfo * )be->be_private;
+       char                    *a, *mapped;
+       Entry                   ent;
+       BerElement              *ber = NULL;
+       Attribute               *attr, **attrp;
+       struct berval           *dummy = NULL;
+       struct berval           *bv;
+       const char              *text;
+       char                    *dn, *edn = NULL;
+       struct berval           tdn, *pdn = NULL, *ndn = NULL;
 
        struct metasingleconn *lsc = lc->conns[ target ];
 
@@ -594,19 +598,20 @@ meta_send_entry(
         * Rewrite the dn of the result, if needed
         */
        switch ( rewrite_session( li->targets[ target ]->rwinfo,
-                               "searchResult", dn, lc->conn, &ent.e_dn ) ) {
+                               "searchResult", dn, lc->conn, &edn ) ) {
        case REWRITE_REGEXEC_OK:
-               if ( ent.e_dn == NULL ) {
-                       ent.e_dn = dn;
+               if ( edn == NULL ) {
+                       edn = dn;
+
                } else {
 #ifdef NEW_LOGGING
                        LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
                                        "[rw] searchResult[%d]:"
                                        " \"%s\" -> \"%s\"\n",
-                                       target, dn, ent.e_dn ));
+                                       target, dn, edn ));
 #else /* !NEW_LOGGING */
                        Debug( LDAP_DEBUG_ARGS, "rw> searchResult[%d]: \"%s\""
-                                       " -> \"%s\"\n", target, dn, ent.e_dn );
+                                       " -> \"%s\"\n", target, dn, edn );
 #endif /* !NEW_LOGGING */
                        free( dn );
                        dn = NULL;
@@ -619,15 +624,27 @@ meta_send_entry(
                return;
        }
 
-       ent.e_ndn = ch_strdup( ent.e_dn );
-       ( void )dn_normalize( ent.e_ndn );
+       tdn.bv_val = edn;
+       tdn.bv_len = strlen( edn );
+       if ( dnPretty( NULL, &tdn, &pdn ) != LDAP_SUCCESS ) {
+
+       }
+
+       if ( dnNormalize( NULL, &tdn, &ndn ) != LDAP_SUCCESS ) {
+
+       }
+
+       ent.e_name = *pdn;
+       free( pdn );
+       ent.e_nname = *ndn;
+       free( ndn );
 
        /*
         * cache dn
         */
        if ( li->cache.ttl != META_DNCACHE_DISABLED ) {
                ( void )meta_dncache_update_entry( &li->cache,
-                                                  ch_strdup( ent.e_ndn ),
+                                                  ber_bvdup( &ent.e_nname ),
                                                   target );
        }
 
@@ -779,12 +796,13 @@ meta_send_entry(
 
 static int
 is_one_level_rdn(
-               const char *rdn,
-               int len
+               const char      *rdn,
+               int             from
 )
 {
-       for ( ; len--; ) {
-               if ( DN_SEPARATOR( rdn[ len ] ) ) {
+       for ( ; from--; ) {
+               if ( DN_SEPARATOR( rdn[ from ] ) 
+                               && ! DN_ESCAPE( rdn[ from ] - 1 ) ) {
                        return 0;
                }
        }