while ( parent_ndn.bv_val != old_parent_ndn.bv_val ){
old_parent_ndn = parent_ndn;
Debug(LDAP_DEBUG_ACL, "checking ACI of %s\n", parent_ndn.bv_val, 0, 0);
- ret = backend_attribute(op, NULL, &parent_ndn, b->a_aci_at, &bvals);
+ ret = backend_attribute(op, NULL, &parent_ndn, b->a_aci_at, &bvals, ACL_AUTH);
switch(ret){
case LDAP_SUCCESS :
stop = 0;
AttributeDescription *desc = NULL;
if (slap_bv2ad(attr, &desc, &text) == LDAP_SUCCESS) {
backend_attribute(cp->op,
- cp->e, &ndn, desc, &bvals);
+ cp->e, &ndn, desc, &bvals, ACL_NONE);
}
sl_free(ndn.bv_val, cp->op->o_tmpmemctx);
}
struct berval set = BER_BVNULL;
int rc = 0;
AciSetCookie cookie;
- Operation op2 = *op;
-
- op2.o_conn = NULL;
if (setref == 0) {
- ber_dupbv_x( &set, subj, op2.o_tmpmemctx );
+ ber_dupbv_x( &set, subj, op->o_tmpmemctx );
} else {
struct berval subjdn, ndn = BER_BVNULL;
* as the length of the dn to be normalized
*/
if ( slap_bv2ad(&setat, &desc, &text) == LDAP_SUCCESS ) {
- if ( dnNormalize(0, NULL, NULL, &subjdn, &ndn, op2.o_tmpmemctx) == LDAP_SUCCESS )
+ if ( dnNormalize(0, NULL, NULL, &subjdn, &ndn, op->o_tmpmemctx) == LDAP_SUCCESS )
{
- backend_attribute(&op2, e, &ndn, desc, &bvals);
+ backend_attribute( op, e, &ndn, desc, &bvals, ACL_NONE );
if ( bvals != NULL && bvals[0].bv_val != NULL ) {
int i;
set = bvals[0];
bvals[0].bv_val = bvals[i-1].bv_val;
bvals[i-1].bv_val = NULL;
}
- ber_bvarray_free_x(bvals, op2.o_tmpmemctx);
- sl_free(ndn.bv_val, op2.o_tmpmemctx);
+ ber_bvarray_free_x(bvals, op->o_tmpmemctx);
+ sl_free(ndn.bv_val, op->o_tmpmemctx);
}
}
}
if (set.bv_val != NULL) {
- cookie.op = &op2;
+ cookie.op = op;
cookie.e = e;
rc = (slap_set_filter(aci_set_gather, (SetCookie *)&cookie, &set,
- &op2.o_ndn, &e->e_nname, NULL) > 0);
- sl_free(set.bv_val, op2.o_tmpmemctx);
+ &op->o_ndn, &e->e_nname, NULL) > 0);
+ sl_free(set.bv_val, op->o_tmpmemctx);
}
return(rc);
return NULL;
}
+ be = backendDB;
+
backendDB = (BackendDB *) ch_realloc(
(char *) backendDB,
(nBackendDB + 1) * sizeof(Backend) );
memset( &backendDB[nbackends], '\0', sizeof(Backend) );
+ /* did realloc move our table? if so, fix up dependent pointers */
+ if ( be != backendDB ) {
+ int i;
+ for ( i=0, be=backendDB; i<nbackends; i++, be++ ) {
+ be->be_pcl_mutexp = &be->be_pcl_mutex;
+ }
+ }
+
be = &backends[nbackends++];
be->bd_info = bi;
be->be_context_csn.bv_len = 0;
be->be_context_csn.bv_val = NULL;
- ldap_pvt_thread_mutex_init( &be->be_pcl_mutex );
- ldap_pvt_thread_mutex_init( &be->be_context_csn_mutex );
+ be->be_pcl_mutexp = &be->be_pcl_mutex;
+ ldap_pvt_thread_mutex_init( be->be_pcl_mutexp );
LDAP_STAILQ_INIT( &be->be_syncinfo );
Entry *target,
struct berval *edn,
AttributeDescription *entry_at,
- BerVarray *vals )
+ BerVarray *vals,
+ slap_access_t access )
{
Entry *e;
Attribute *a;
if ( a ) {
BerVarray v;
- if ( op->o_conn && access_allowed( op,
- e, entry_at, NULL, ACL_AUTH,
+ if ( op->o_conn && access > ACL_NONE && access_allowed( op,
+ e, entry_at, NULL, access,
&acl_state ) == 0 ) {
rc = LDAP_INSUFFICIENT_ACCESS;
goto freeit;
v = op->o_tmpalloc( sizeof(struct berval) * (i+1),
op->o_tmpmemctx );
for ( i=0,j=0; a->a_vals[i].bv_val; i++ ) {
- if ( op->o_conn && access_allowed( op,
+ if ( op->o_conn && access > ACL_NONE && access_allowed( op,
e, entry_at,
&a->a_nvals[i],
- ACL_AUTH, &acl_state ) == 0 ) {
+ access, &acl_state ) == 0 ) {
continue;
}
ber_dupbv_x( &v[j],
csn->bv_val = NULL;
csn->bv_len = 0;
- ldap_pvt_thread_mutex_lock( &op->o_bd->be_pcl_mutex );
+ ldap_pvt_thread_mutex_lock( op->o_bd->be_pcl_mutexp );
LDAP_TAILQ_FOREACH( csne, op->o_bd->be_pending_csn_list, ce_csn_link ) {
if ( csne->ce_opid == op->o_opid && csne->ce_connid == op->o_connid ) {
}
if ( committed_csne ) ber_dupbv_x( csn, committed_csne->ce_csn, op->o_tmpmemctx );
- ldap_pvt_thread_mutex_unlock( &op->o_bd->be_pcl_mutex );
+ ldap_pvt_thread_mutex_unlock( op->o_bd->be_pcl_mutexp );
}
void
{
struct slap_csn_entry *csne;
- ldap_pvt_thread_mutex_lock( &op->o_bd->be_pcl_mutex );
+ ldap_pvt_thread_mutex_lock( op->o_bd->be_pcl_mutexp );
LDAP_TAILQ_FOREACH( csne, op->o_bd->be_pending_csn_list, ce_csn_link ) {
if ( csne->ce_opid == op->o_opid && csne->ce_connid == op->o_connid ) {
}
}
- ldap_pvt_thread_mutex_unlock( &op->o_bd->be_pcl_mutex );
+ ldap_pvt_thread_mutex_unlock( op->o_bd->be_pcl_mutexp );
}
void
if ( op == NULL ) return;
if ( op->o_bd == NULL ) return;
- ldap_pvt_thread_mutex_lock( &op->o_bd->be_pcl_mutex );
+ ldap_pvt_thread_mutex_lock( op->o_bd->be_pcl_mutexp );
LDAP_TAILQ_FOREACH( csne, op->o_bd->be_pending_csn_list, ce_csn_link ) {
if ( csne->ce_opid == op->o_opid && csne->ce_connid == op->o_connid ) {
}
}
- ldap_pvt_thread_mutex_unlock( &op->o_bd->be_pcl_mutex );
+ ldap_pvt_thread_mutex_unlock( op->o_bd->be_pcl_mutexp );
return;
}
if ( manage_ctxcsn ) {
pending = (struct slap_csn_entry *) ch_calloc( 1,
sizeof( struct slap_csn_entry ));
- ldap_pvt_thread_mutex_lock( &op->o_bd->be_pcl_mutex );
+ ldap_pvt_thread_mutex_lock( op->o_bd->be_pcl_mutexp );
ber_dupbv( &op->o_sync_csn, csn );
pending->ce_csn = ber_dupbv( NULL, csn );
pending->ce_connid = op->o_connid;
pending->ce_state = SLAP_CSN_PENDING;
LDAP_TAILQ_INSERT_TAIL( op->o_bd->be_pending_csn_list,
pending, ce_csn_link );
- ldap_pvt_thread_mutex_unlock( &op->o_bd->be_pcl_mutex );
+ ldap_pvt_thread_mutex_unlock( op->o_bd->be_pcl_mutexp );
}
return LDAP_SUCCESS;
Entry *target,
struct berval *entry_ndn,
AttributeDescription *entry_at,
- BerVarray *vals
+ BerVarray *vals,
+ slap_access_t access
));
LDAP_SLAPD_F (Attribute *) backend_operational(
assertDN->bv_val, ad->ad_cname.bv_val, searchDN->bv_val);
#endif
- rc = backend_attribute( op, NULL,
- searchDN, ad, &vals );
+ rc = backend_attribute( op, NULL, searchDN, ad, &vals, ACL_AUTH );
if( rc != LDAP_SUCCESS ) goto COMPLETE;
/* Check if the *assertDN matches any **vals */
BerVarray be_update_refs; /* where to refer modifying clients to */
struct be_pcl *be_pending_csn_list;
ldap_pvt_thread_mutex_t be_pcl_mutex;
+ ldap_pvt_thread_mutex_t *be_pcl_mutexp;
struct berval be_context_csn;
ldap_pvt_thread_mutex_t be_context_csn_mutex;
LDAP_STAILQ_HEAD( be_si, syncinfo_s ) be_syncinfo; /* For syncrepl */
/* read stored cookie if it exists */
backend_attribute( op, NULL, &op->o_req_ndn,
- slap_schema.si_ad_syncreplCookie, &cookie );
+ slap_schema.si_ad_syncreplCookie, &cookie, ACL_READ );
if ( !cookie ) {
/* no stored cookie */
struct berval cookie_bv;
/* try to read stored cookie */
backend_attribute( op, NULL, &op->o_req_ndn,
- slap_schema.si_ad_syncreplCookie, &cookie );
+ slap_schema.si_ad_syncreplCookie, &cookie, ACL_READ );
if ( cookie ) {
ber_dupbv( &cookie_bv, &cookie[0] );
ber_bvarray_add( &si->si_syncCookie.octet_str, &cookie_bv );
{
attr_delete( &e->e_attrs, slap_schema.si_ad_entryUUID );
attr_merge_one( e, slap_schema.si_ad_entryUUID,
- syncUUID, &ava.aa_value );
+ &syncUUID_strrep, syncUUID );
op->o_tag = LDAP_REQ_ADD;
op->ora_e = e;