int
fe_op_modrdn( Operation *op, SlapReply *rs )
{
- Backend *newSuperior_be = NULL;
- struct berval pdn = BER_BVNULL;
+ struct berval dest_ndn = BER_BVNULL, dest_pndn, pdn = BER_BVNULL;
BackendDB *op_be, *bd = op->o_bd;
+ ber_slen_t diff;
if( op->o_req_ndn.bv_len == 0 ) {
Debug( LDAP_DEBUG_ANY, "%s do_modrdn: root dse!\n",
goto cleanup;
}
+ if( op->orr_nnewSup ) {
+ dest_pndn = *op->orr_nnewSup;
+ } else {
+ dnParent( &op->o_req_ndn, &dest_pndn );
+ }
+ build_new_dn( &dest_ndn, &dest_pndn, &op->orr_nnewrdn, op->o_tmpmemctx );
+
+ diff = (ber_slen_t) dest_ndn.bv_len - (ber_slen_t) op->o_req_ndn.bv_len;
+ if ( diff > 0 ? dnIsSuffix( &dest_ndn, &op->o_req_ndn )
+ : diff < 0 && dnIsSuffix( &op->o_req_ndn, &dest_ndn ) )
+ {
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ diff > 0 ? "cannot place an entry below itself"
+ : "cannot place an entry above itself" );
+ goto cleanup;
+ }
+
/*
* We could be serving multiple database backends. Select the
* appropriate one, or send a referral to our "referral server"
goto cleanup;
}
- /* Make sure that the entry being changed and the newSuperior are in
- * the same backend, otherwise we return an error.
- */
- if( op->orr_newSup ) {
- newSuperior_be = select_backend( op->orr_nnewSup, 0 );
-
- if ( newSuperior_be != op->o_bd ) {
- /* newSuperior is in different backend */
+ /* check that destination DN is in the same backend as source DN */
+ if ( select_backend( &dest_ndn, 0 ) != op->o_bd ) {
send_ldap_error( op, rs, LDAP_AFFECTS_MULTIPLE_DSAS,
"cannot rename between DSAs" );
-
goto cleanup;
- }
}
/*
}
cleanup:;
+ if ( dest_ndn.bv_val != NULL )
+ ber_memfree_x( dest_ndn.bv_val, op->o_tmpmemctx );
op->o_bd = bd;
return rs->sr_err;
}
--- /dev/null
+# stand-alone slapd config -- for testing (with indexing)
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2008 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+include @SCHEMADIR@/core.schema
+include @SCHEMADIR@/cosine.schema
+include @SCHEMADIR@/inetorgperson.schema
+include @SCHEMADIR@/openldap.schema
+#
+pidfile @TESTDIR@/slapd.1.pid
+argsfile @TESTDIR@/slapd.1.args
+
+#mod#modulepath ../servers/slapd/back-@BACKEND@/
+#mod#moduleload back_@BACKEND@.la
+#monitormod#modulepath ../servers/slapd/back-monitor/
+#monitormod#moduleload back_monitor.la
+
+#######################################################################
+# database definitions
+#######################################################################
+
+database @BACKEND@
+suffix "cn=Everyone,ou=Groups,dc=example,dc=com"
+directory @TESTDIR@/db.1.a
+subordinate
+#bdb#index objectClass eq
+#bdb#index cn,sn,uid pres,eq,sub
+#hdb#index objectClass eq
+#hdb#index cn,sn,uid pres,eq,sub
+
+database @BACKEND@
+suffix "dc=example,dc=com"
+directory @TESTDIR@/db.1.b
+rootdn "cn=Manager,dc=example,dc=com"
+rootpw secret
+#bdb#index objectClass eq
+#bdb#index cn,sn,uid pres,eq,sub
+#hdb#index objectClass eq
+#hdb#index cn,sn,uid pres,eq,sub
+
+#monitor#database monitor
# conf
CONF=$DATADIR/slapd.conf
CONFTWO=$DATADIR/slapd2.conf
+CONF2DB=$DATADIR/slapd-2db.conf
MCONF=$DATADIR/slapd-master.conf
COMPCONF=$DATADIR/slapd-component.conf
PWCONF=$DATADIR/slapd-pw.conf
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
-mkdir -p $TESTDIR $DBDIR1
+mkdir -p $TESTDIR $DBDIR1A $DBDIR1B
echo "Running slapadd to build slapd database..."
-. $CONFFILTER $BACKEND $MONITORDB < $CONF > $CONF1
-$SLAPADD -f $CONF1 -l $LDIFORDERED
+. $CONFFILTER $BACKEND $MONITORDB < $CONF2DB > $CONF1
+$SLAPADD -f $CONF1 -b "$BASEDN" -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
echo "slapadd failed ($RC)!"
exit -1
fi
-echo "Testing modrdn with newSuperior as child of target "
+echo "Testing modrdn to another database (should fail with affectsMultipleDSAs)"
$LDAPMODRDN -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
- $TESTOUT 2>&1 -s 'cn=Sub1, ou=FooBar, cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example, dc=com' \
+ $TESTOUT 2>&1 'cn=All Staff,ou=Groups,dc=example,dc=com' 'cn=Everyone'
+RC=$?
+case $RC in
+0)
+ echo "ldapmodrdn succeeded, should have failed!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit -1
+ ;;
+71)
+ ;;
+*)
+ echo "ldapmodrdn failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+ ;;
+esac
+
+echo "Testing modrdn with newSuperior = target (should fail with unwillingToPerform)"
+$LDAPMODRDN -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
+ $TESTOUT 2>&1 -s 'cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example, dc=com' \
'cn=James A Jones 1, ou=Alumni Association, ou=People, dc=example, dc=com' 'cn=James A Jones 1'
RC=$?
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
-32)
- echo "ldapmodrdn failed (noSuchObject)"
+53)
;;
*)
echo "ldapmodrdn failed ($RC)!"
projects / openldap / commitdiff