From: Ondřej Kuzník Date: Sun, 22 Nov 2015 18:32:43 +0000 (+0000) Subject: ITS#7100 Update entryTtl behaviour to match RFC 2589 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=08492987a0faf3d8d468d9c8fce2f670e130977c;p=openldap ITS#7100 Update entryTtl behaviour to match RFC 2589 --- diff --git a/servers/slapd/overlays/dds.c b/servers/slapd/overlays/dds.c index bb292a7109..242fe15d71 100644 --- a/servers/slapd/overlays/dds.c +++ b/servers/slapd/overlays/dds.c @@ -879,6 +879,72 @@ dds_op_rename( Operation *op, SlapReply *rs ) return SLAP_CB_CONTINUE; } +/* entryTtl update for client */ +static int +dds_response( Operation *op, SlapReply *rs ) +{ + slap_overinst *on = (slap_overinst *)op->o_bd->bd_info; + dds_info_t *di = on->on_bi.bi_private; + int rc; + + if ( !DDS_OFF( di ) + && rs->sr_type == REP_SEARCH + && attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryTtl ) ) + { + BerVarray vals = NULL; + struct lutil_tm tm; + struct lutil_timet tt; + char ttlbuf[STRLENOF("31557600") + 1]; + struct berval ttlvalue; + time_t ttl; + int len; + + /* User already has access to entryTtl, skip ACL checks on + * entryExpireTimestamp */ + rc = backend_attribute( op, NULL, &rs->sr_entry->e_nname, + ad_entryExpireTimestamp, &vals, ACL_NONE ); + if ( rc != LDAP_SUCCESS ) { + return rc; + } + + assert( vals[0].bv_val[vals[0].bv_len] == '\0' ); + if ( lutil_parsetime( vals[0].bv_val, &tm ) ) { + goto done; + } + + lutil_tm2time( &tm, &tt ); + ttl = tt.tt_sec - op->o_time; + ttl = (ttl < 0) ? 0 : ttl; + assert( ttl <= DDS_RF2589_MAX_TTL ); + + len = snprintf( ttlbuf, sizeof(ttlbuf), "%ld", ttl ); + if ( len < 0 ) + { + goto done; + } + ttlvalue.bv_val = ttlbuf; + ttlvalue.bv_len = len; + + rs_entry2modifiable( op, rs, on ); + + if ( attr_delete( &rs->sr_entry->e_attrs, + slap_schema.si_ad_entryTtl ) ) + { + goto done; + } + if ( attr_merge_normalize_one( rs->sr_entry, + slap_schema.si_ad_entryTtl, + &ttlvalue, op->o_tmpmemctx ) ) + { + goto done; + } + +done:; + ber_bvarray_free_x( vals, op->o_tmpmemctx ); + } + return SLAP_CB_CONTINUE; +} + static int slap_parse_refresh( struct berval *in, @@ -1929,6 +1995,7 @@ dds_initialize() dds.on_bi.bi_op_modify = dds_op_modify; dds.on_bi.bi_op_modrdn = dds_op_rename; dds.on_bi.bi_extended = dds_op_extended; + dds.on_response = dds_response; dds.on_bi.bi_cf_ocs = dds_ocs; diff --git a/tests/scripts/defines.sh b/tests/scripts/defines.sh index 0750f88688..c328a60a8c 100755 --- a/tests/scripts/defines.sh +++ b/tests/scripts/defines.sh @@ -291,6 +291,7 @@ SEARCHOUT2=$TESTDIR/ldapsearch2.out SEARCHFLT=$TESTDIR/ldapsearch.flt SEARCHFLT2=$TESTDIR/ldapsearch2.flt LDIFFLT=$TESTDIR/ldif.flt +LDIFFLT2=$TESTDIR/ldif2.flt TESTOUT=$TESTDIR/test.out INITOUT=$TESTDIR/init.out VALSORTOUT1=$DATADIR/valsort1.out