]> git.sur5r.net Git - openldap/commitdiff
projects / openldap / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f81ad34)
ITS#3980, filter out some delete modifications on replicas if target
authorHoward Chu <hyc@openldap.org>
Sun, 4 Sep 2005 16:22:30 +0000 (16:22 +0000)
committerHoward Chu <hyc@openldap.org>
Sun, 4 Sep 2005 16:22:30 +0000 (16:22 +0000)
attrs don't exist

servers/slapd/overlays/ppolicy.c patch | blob | history

diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index 68175b72aea033483957255e311d02a6911113ce..34d044890e5d41117b5ba6c10a69e99d0286726b 100644 (file)
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -1168,16 +1168,37 @@ ppolicy_modify( Operation *op, SlapReply *rs )
                                *bv, cr[2];
        LDAPPasswordPolicyError pErr = PP_noError;
 
-       /* If this is a replica, assume the master checked everything */
-       if ( be_shadow_update( op ))
-               return SLAP_CB_CONTINUE;
-
        op->o_bd->bd_info = (BackendInfo *)on->on_info;
        rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e );
        op->o_bd->bd_info = (BackendInfo *)on;
 
        if ( rc != LDAP_SUCCESS ) return SLAP_CB_CONTINUE;
 
+       /* If this is a replica, we may need to filter out some of the
+        * master's modifications. Otherwise, just pass it through.
+        */
+       if ( be_shadow_update( op )) {
+               Modifications **prev;
+               for( prev = &op->oq_modify.rs_modlist, ml = *prev; ml;
+                       prev = &ml->sml_next, ml = *prev ) {
+
+                       /* If we're deleting an attr that didn't exist,
+                        * drop this delete op
+                        */
+                       if ( ml->sml_op == LDAP_MOD_DELETE && 
+                               ( ml->sml_desc == ad_pwdGraceUseTime ||
+                               ml->sml_desc == ad_pwdAccountLockedTime ) &&
+                               attr_find( e->e_attrs, ml->sml_desc ) == NULL ) {
+                               *prev = ml->sml_next;
+                               ml->sml_next = NULL;
+                               slap_mods_free( ml, 1 );
+                       }
+               }
+               op->o_bd->bd_info = (BackendInfo *)on->on_info;
+               be_entry_release_r( op, e );
+               return SLAP_CB_CONTINUE;
+       }
+
        /* Did we receive a password policy request control? */
        if ( op->o_ctrlflag[ppolicy_cid] ) {
                send_ctrl = 1;
Cloned from git://git.openldap.org/openldap.git