OpenLDAP 2.4.8 Engineering
Fixed slapd include handling (ITS#5276)
Fixed slapd non-atomic signal variables (ITS#5248)
- Fixed libldap_r threaded library linking (ITS#4982)
+ Fixed slapd-ldif delete (ITS#5265)
+ Build Environment
+ Fixed libldap_r threaded library linking (ITS#4982)
Documentation
DB_CONFIG.example URL wrong in comments (ITS#5288)
Add cn=config example for auditlog (ITS#5245)
res->bv_len = dn.bv_len + base_path->bv_len + 1 + STRLENOF( LDIF );
res->bv_val = ch_malloc( res->bv_len + 1 );
ptr = lutil_strcopy( res->bv_val, base_path->bv_val );
- *ptr++ = LDAP_DIRSEP[0];
- ptr = lutil_strcopy( ptr, suffixdn->bv_val );
- end = dn.bv_val + dn.bv_len - suffixdn->bv_len - 1;
+ end = dn.bv_val + dn.bv_len;
+ if ( !BER_BVISEMPTY( suffixdn ) ) {
+ *ptr++ = LDAP_DIRSEP[0];
+ ptr = lutil_strcopy( ptr, suffixdn->bv_val );
+ end -= suffixdn->bv_len + 1;
+
+ } else if ( BER_BVISEMPTY( &dn ) ) {
+ *ptr++ = LDAP_DIRSEP[0];
+ }
while ( end > dn.bv_val ) {
for (sep = end-1; sep >= dn.bv_val && !DN_SEPARATOR( *sep ); sep--);
*ptr++ = LDAP_DIRSEP[0];
if ( dn.bv_val != orig_dn->bv_val ) {
ch_free( dn.bv_val );
}
+
+ assert( strlen( res->bv_val ) == res->bv_len );
}
static char * slurp_file(int fd) {
} bvlist;
-static int r_enum_tree(enumCookie *ck, struct berval *path,
+static int r_enum_tree(enumCookie *ck, struct berval *path, int base,
struct berval *pdn, struct berval *pndn)
{
- Entry *e;
- int fd, rc = LDAP_SUCCESS;
+ Entry *e = NULL;
+ int fd = 0, rc = LDAP_SUCCESS;
- fd = open( path->bv_val, O_RDONLY );
- if ( fd < 0 ) {
- Debug( LDAP_DEBUG_TRACE,
- "=> ldif_enum_tree: failed to open %s: %s\n",
- path->bv_val, STRERROR(errno), 0 );
- return LDAP_NO_SUCH_OBJECT;
- }
+ if ( !base ) {
+ fd = open( path->bv_val, O_RDONLY );
+ if ( fd < 0 ) {
+ Debug( LDAP_DEBUG_TRACE,
+ "=> ldif_enum_tree: failed to open %s: %s\n",
+ path->bv_val, STRERROR(errno), 0 );
+ return LDAP_NO_SUCH_OBJECT;
+ }
- e = get_entry_for_fd(fd, pdn, pndn);
- if ( !e ) {
- Debug( LDAP_DEBUG_ANY,
- "=> ldif_enum_tree: failed to read entry for %s\n",
- path->bv_val, 0, 0 );
- return LDAP_BUSY;
- }
+ e = get_entry_for_fd(fd, pdn, pndn);
+ if ( !e ) {
+ Debug( LDAP_DEBUG_ANY,
+ "=> ldif_enum_tree: failed to read entry for %s\n",
+ path->bv_val, 0, 0 );
+ return LDAP_BUSY;
+ }
- if ( ck->op->ors_scope == LDAP_SCOPE_BASE ||
- ck->op->ors_scope == LDAP_SCOPE_SUBTREE ) {
- /* Send right away? */
- if ( ck->rs ) {
- /*
- * if it's a referral, add it to the list of referrals. only do
- * this for non-base searches, and don't check the filter
- * explicitly here since it's only a candidate anyway.
- */
- if ( !get_manageDSAit( ck->op )
- && ck->op->ors_scope != LDAP_SCOPE_BASE
- && is_entry_referral( e ) )
- {
- BerVarray erefs = get_entry_referrals( ck->op, e );
- ck->rs->sr_ref = referral_rewrite( erefs,
- &e->e_name, NULL,
- ck->op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL
- ? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE );
-
- ck->rs->sr_entry = e;
- rc = send_search_reference( ck->op, ck->rs );
- ber_bvarray_free( ck->rs->sr_ref );
- ber_bvarray_free( erefs );
- ck->rs->sr_ref = NULL;
- ck->rs->sr_entry = NULL;
-
- } else if ( test_filter( ck->op, e, ck->op->ors_filter ) == LDAP_COMPARE_TRUE )
- {
- ck->rs->sr_entry = e;
- ck->rs->sr_attrs = ck->op->ors_attrs;
- ck->rs->sr_flags = REP_ENTRY_MODIFIABLE;
- rc = send_search_entry(ck->op, ck->rs);
- ck->rs->sr_entry = NULL;
+ if ( ck->op->ors_scope == LDAP_SCOPE_BASE ||
+ ck->op->ors_scope == LDAP_SCOPE_SUBTREE ) {
+ /* Send right away? */
+ if ( ck->rs ) {
+ /*
+ * if it's a referral, add it to the list of referrals. only do
+ * this for non-base searches, and don't check the filter
+ * explicitly here since it's only a candidate anyway.
+ */
+ if ( !get_manageDSAit( ck->op )
+ && ck->op->ors_scope != LDAP_SCOPE_BASE
+ && is_entry_referral( e ) )
+ {
+ BerVarray erefs = get_entry_referrals( ck->op, e );
+ ck->rs->sr_ref = referral_rewrite( erefs,
+ &e->e_name, NULL,
+ ck->op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL
+ ? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE );
+
+ ck->rs->sr_entry = e;
+ rc = send_search_reference( ck->op, ck->rs );
+ ber_bvarray_free( ck->rs->sr_ref );
+ ber_bvarray_free( erefs );
+ ck->rs->sr_ref = NULL;
+ ck->rs->sr_entry = NULL;
+
+ } else if ( test_filter( ck->op, e, ck->op->ors_filter ) == LDAP_COMPARE_TRUE )
+ {
+ ck->rs->sr_entry = e;
+ ck->rs->sr_attrs = ck->op->ors_attrs;
+ ck->rs->sr_flags = REP_ENTRY_MODIFIABLE;
+ rc = send_search_entry(ck->op, ck->rs);
+ ck->rs->sr_entry = NULL;
+ }
+ fd = 1;
+ if ( rc )
+ goto done;
+ } else {
+ /* Queueing up for tool mode */
+ if(ck->entries == NULL) {
+ ck->entries = (Entry **) ch_malloc(sizeof(Entry *) * ENTRY_BUFF_INCREMENT);
+ ck->elen = ENTRY_BUFF_INCREMENT;
+ }
+ if(ck->eind >= ck->elen) { /* grow entries if necessary */
+ ck->entries = (Entry **) ch_realloc(ck->entries, sizeof(Entry *) * (ck->elen) * 2);
+ ck->elen *= 2;
+ }
+
+ ck->entries[ck->eind++] = e;
+ fd = 0;
}
- fd = 1;
- if ( rc )
- goto done;
} else {
- /* Queueing up for tool mode */
- if(ck->entries == NULL) {
- ck->entries = (Entry **) ch_malloc(sizeof(Entry *) * ENTRY_BUFF_INCREMENT);
- ck->elen = ENTRY_BUFF_INCREMENT;
- }
- if(ck->eind >= ck->elen) { /* grow entries if necessary */
- ck->entries = (Entry **) ch_realloc(ck->entries, sizeof(Entry *) * (ck->elen) * 2);
- ck->elen *= 2;
- }
-
- ck->entries[ck->eind++] = e;
- fd = 0;
+ fd = 1;
}
- } else {
- fd = 1;
}
if ( ck->op->ors_scope != LDAP_SCOPE_BASE ) {
AC_MEMCPY( ptr->bv.bv_val + ptr->off, ptr->num.bv_val,
ptr->num.bv_len );
fullpath( path, &ptr->bv, &fpath );
- rc = r_enum_tree(ck, &fpath, &e->e_name, &e->e_nname );
+ rc = r_enum_tree(ck, &fpath, 0,
+ e != NULL ? &e->e_name : pdn,
+ e != NULL ? &e->e_nname : pndn );
free(fpath.bv_val);
}
if ( ptr->num.bv_val )
dnParent( &ck->op->o_req_dn, &pdn );
dnParent( &ck->op->o_req_ndn, &pndn );
dn2path( &ck->op->o_req_ndn, &ck->op->o_bd->be_nsuffix[0], &li->li_base_path, &path);
- rc = r_enum_tree(ck, &path, &pdn, &pndn);
+ rc = r_enum_tree(ck, &path, BER_BVISEMPTY( &ck->op->o_req_ndn ) ? 1 : 0, &pdn, &pndn);
ch_free( path.bv_val );
return rc;
}
return rc;
}
+ if ( BER_BVISEMPTY( &op->o_req_ndn ) ) {
+ /* the empty DN cannot be a referral */
+ return rc;
+ }
+
li = (struct ldif_info *)op->o_bd->be_private;
ldap_pvt_thread_rdwr_rlock( &li->li_rdwr );
entry = get_entry( op, &li->li_base_path );
for ( ; entry == NULL; ) {
dnParent( &pndn, &pndn );
- if ( !dnIsSuffix( &pndn, &op->o_bd->be_nsuffix[0] ) ) {
+ if ( BER_BVISEMPTY( &pndn )
+ || !dnIsSuffix( &pndn, &op->o_bd->be_nsuffix[0] ) )
+ {
break;
}
break;
case ENOENT:
- rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ /* is leaf, go on */
+ res = 0;
break;
default:
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
break;
}
+ }
- } else {
+ if ( !res ) {
res = unlink(path.bv_val);
if ( res == -1 ) {
switch ( errno ) {
+# Searching database...
dn: dc=example,dc=com
objectClass: domain
objectClass: domainRelatedObject
dc: example
associatedDomain: example.com
+dn: ou=LDAPv2,dc=example,dc=com
+objectClass: organizationalUnit
+ou: LDAPv2
+description: RFC 1779 compliant DN string representation
+
dn: ou=LDAPv3,dc=example,dc=com
objectClass: organizationalUnit
ou: LDAPv3
description: RFC 2253 compliant DN string representation
+dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com
+objectClass: groupOfNames
+cn: May Succeed 1
+member:
+description: " " // space, quote characters (") are not part of the string
+
+dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com
+objectClass: groupOfNames
+cn: May Succeed 3
+member: uid=jsmith,o=example,c=US
+description: UID=jsmith, O=example, C=US // spaces
+
+dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com
+objectClass: groupOfNames
+cn: May Succeed 4
+member: uid=jsmith,o=example,c=US
+description: UID=jsmith;O=example;C=US // semi-colons
+
+dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com
+objectClass: groupOfNames
+cn: May Succeed 6
+member: cn=John Smith,o=example,c=US
+description: CN="John Smith",O=example,C=US // quotes
+
dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com
objectClass: groupOfNames
cn: Must Succeed
description: CN=Lu\C4\8Di\C4\87
description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example
-dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
-objectClass: groupOfNames
-cn: Unescaped Equals
-member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
-member: cn=A*x\3Db is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
-description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
- // unescaped EQUALS
-
-dn: ou=LDAPv2,dc=example,dc=com
-objectClass: organizationalUnit
-ou: LDAPv2
-description: RFC 1779 compliant DN string representation
-
-dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com
-objectClass: groupOfNames
-cn: May Succeed 1
-member:
-description: " " // space, quote characters (") are not part of the string
-
-dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com
-objectClass: groupOfNames
-cn: May Succeed 3
-member: uid=jsmith,o=example,c=US
-description: UID=jsmith, O=example, C=US // spaces
-
-dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com
-objectClass: groupOfNames
-cn: May Succeed 4
-member: uid=jsmith,o=example,c=US
-description: UID=jsmith;O=example;C=US // semi-colons
-
-dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com
-objectClass: groupOfNames
-cn: May Succeed 6
-member: cn=John Smith,o=example,c=US
-description: CN="John Smith",O=example,C=US // quotes
-
-dn: ou=Related Syntaxes,dc=example,dc=com
-objectClass: organizationalUnit
-ou: Related Syntaxes
-
dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: Name and Optional UID
description: dc=example,dc=com#'1000'B // with DN portion
description: dc=example,dc=com#'0'B // with DN portion and just one '0'
+dn: ou=Related Syntaxes,dc=example,dc=com
+objectClass: organizationalUnit
+ou: Related Syntaxes
+
dn: cn=Should Parse as DN,cn=Name and Optional UID,ou=Related Syntaxes,dc=exam
ple,dc=com
objectClass: groupOfUniqueNames
description: dc=example,dc=com#'0B // malformed UID?
description: dc=example,dc=com '0'B // malformed UID?
+dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
+objectClass: groupOfNames
+cn: Unescaped Equals
+member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
+member: cn=A*x\3Db is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
+description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
+ // unescaped EQUALS
+
+# Searching database for DN="OU=Sales+CN=J. Smith,DC=example,DC=net"...
dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com
objectClass: groupOfNames
cn: Must Succeed
description: CN=Lu\C4\8Di\C4\87
description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example
+# Searching database for entryUUID-named DN="testUUID=597ae2f6-16a6-1027-98f4-ABCDEFabcdef,DC=Example"...
dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com
objectClass: groupOfNames
cn: Must Succeed
description: CN=Lu\C4\8Di\C4\87
description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example
+# Searching database for nameAndOptionalUID="dc=example,dc=com"...
+# Searching database for nameAndOptionalUID="dc=example,dc=com#'001000'B"...
dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: Name and Optional UID
description: dc=example,dc=com#'1000'B // with DN portion
description: dc=example,dc=com#'0'B // with DN portion and just one '0'
+# Searching database for uniqueMember~="dc=example,dc=com" (approx)...
dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: Name and Optional UID
description: dc=example,dc=com#'1000'B // with DN portion
description: dc=example,dc=com#'0'B // with DN portion and just one '0'
+# Searching database for uniqueMember~="dc=example,dc=com#'001000'B" (approx)...
dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: Name and Optional UID
-dn: c=US
-objectClass: country
-c: US
-
-dn: o=Example,c=US
+dn: o=Esempio,c=IT
objectClass: organization
+o: Esempio
+o: Esempio S.p.A.
o: Example
-o: Example, Inc.
-
-dn: c=UK
-objectClass: country
-c: UK
dn: o=Example,c=UK
objectClass: organization
o: Example
o: Example, Ltd.
+dn: o=Example,c=US
+objectClass: organization
+o: Example
+o: Example, Inc.
+
dn: c=IT
objectClass: country
c: IT
-dn: o=Esempio,c=IT
-objectClass: organization
-o: Esempio
-o: Esempio S.p.A.
-o: Example
+dn: c=UK
+objectClass: country
+c: UK
+
+dn: c=US
+objectClass: country
+c: US
-dn: c=US
-objectClass: country
-c: US
-
-dn: o=Example,c=US
+dn: o=Beispiel,c=DE
objectClass: organization
+o: Beispiel
+o: Beispiel GmbH
o: Example
-o: Example, Inc.
-dn: c=UK
+dn: c=DE
objectClass: country
-c: UK
+c: DE
+
+dn: o=Esempio,c=IT
+objectClass: organization
+o: Esempio
+o: Esempio S.p.A.
+o: Example
dn: o=Example,c=UK
objectClass: organization
o: Example
o: Example, Ltd.
+dn: o=Example,c=US
+objectClass: organization
+o: Example
+o: Example, Inc.
+
dn: c=IT
objectClass: country
c: IT
-dn: o=Esempio,c=IT
-objectClass: organization
-o: Esempio
-o: Esempio S.p.A.
-o: Example
-
-dn: c=DE
+dn: c=UK
objectClass: country
-c: DE
+c: UK
-dn: o=Beispiel,c=DE
-objectClass: organization
-o: Beispiel
-o: Beispiel GmbH
-o: Example
+dn: c=US
+objectClass: country
+c: US
echo "Searching database..."
echo "# Searching database..." >> $SEARCHOUT
-$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 >> $SEARCHOUT 2>&1
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
DN="OU=Sales+CN=J. Smith,DC=example,DC=net"
echo "Searching database for DN=\"$DN\"..."
echo "# Searching database for DN=\"$DN\"..." >> $SEARCHOUT
-$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(member=$DN)" >> $SEARCHOUT 2>&1
RC=$?
DN="testUUID=597ae2f6-16a6-1027-98f4-ABCDEFabcdef,DC=Example"
echo "Searching database for entryUUID-named DN=\"$DN\"..."
echo "# Searching database for entryUUID-named DN=\"$DN\"..." >> $SEARCHOUT
-$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(member=$DN)" \
>> $SEARCHOUT 2>&1
DN="dc=example,dc=com"
echo "Searching database for nameAndOptionalUID=\"$DN\"..."
echo "# Searching database for nameAndOptionalUID=\"$DN\"..." >> $SEARCHOUT
-$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(uniqueMember=$DN)" >> $SEARCHOUT 2>&1
RC=$?
DN="dc=example,dc=com#'001000'B"
echo "Searching database for nameAndOptionalUID=\"$DN\"..."
echo "# Searching database for nameAndOptionalUID=\"$DN\"..." >> $SEARCHOUT
-$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(uniqueMember=$DN)" >> $SEARCHOUT 2>&1
RC=$?
DN="dc=example,dc=com"
echo "Searching database for uniqueMember~=\"$DN\" (approx)..."
echo "# Searching database for uniqueMember~=\"$DN\" (approx)..." >> $SEARCHOUT
-$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(uniqueMember~=)" >> $SEARCHOUT 2>&1
RC=$?
DN="dc=example,dc=com#'001000'B"
echo "Searching database for uniqueMember~=\"$DN\" (approx)..."
echo "# Searching database for uniqueMember~=\"$DN\" (approx)..." >> $SEARCHOUT
-$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(uniqueMember~=$DN)" >> $SEARCHOUT 2>&1
RC=$?
echo "Searching database..."
-$LDAPSEARCH -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
+$LDAPSEARCH -S "" -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "Searching database..."
-$LDAPSEARCH -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
+$LDAPSEARCH -S "" -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then