From: Pierangelo Masarati <ando@openldap.org>
Date: Sat, 17 Jul 2004 14:45:07 +0000 (+0000)
Subject: normalize authcDN (ITS#3246); don't touch databases when running slapadd in dryryn... 
X-Git-Tag: OPENDLAP_REL_ENG_2_2_MP~65
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=854863f0b6d2fe30c5b4a74c8137b28d5e8c2fca;p=openldap

normalize authcDN (ITS#3246); don't touch databases when running slapadd in dryryn mode (ITS#3244); release lock when acquiring entry in tool mode (ITS#3245)
---

diff --git a/servers/slapd/back-bdb/id2entry.c b/servers/slapd/back-bdb/id2entry.c
index d4eb267111..37cdcb67df 100644
--- a/servers/slapd/back-bdb/id2entry.c
+++ b/servers/slapd/back-bdb/id2entry.c
@@ -376,15 +376,22 @@ return_results:
 	if( rc != LDAP_SUCCESS ) {
 		/* free entry */
 		bdb_cache_return_entry_rw(bdb->bi_dbenv, &bdb->bi_cache, e, rw, &lock);
+
 	} else {
-		*ent = e;
-		/* big drag. we need a place to store a read lock so we can
-		 * release it later??
-		 */
-		if ( op && !boi ) {
-			boi = op->o_tmpcalloc(1,sizeof(struct bdb_op_info),op->o_tmpmemctx);
-			boi->boi_lock = lock;
-			op->o_private = boi;
+		if ( slapMode == SLAP_SERVER_MODE ) {
+			*ent = e;
+			/* big drag. we need a place to store a read lock so we can
+			 * release it later??
+			 */
+			if ( op && !boi ) {
+				boi = op->o_tmpcalloc(1,sizeof(struct bdb_op_info),op->o_tmpmemctx);
+				boi->boi_lock = lock;
+				op->o_private = boi;
+			}
+
+		} else {
+			*ent = entry_dup( e );
+			bdb_cache_return_entry_rw(bdb->bi_dbenv, &bdb->bi_cache, e, rw, &lock);
 		}
 	}
 
diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c
index 9ffde3b85a..31b68b7aac 100644
--- a/servers/slapd/slapacl.c
+++ b/servers/slapd/slapacl.c
@@ -65,8 +65,23 @@ slapacl( int argc, char **argv )
 			rc = 1;
 			goto destroy;
 		}
+
+	} else if ( !BER_BVISNULL( &authcDN ) ) {
+		struct berval	ndn;
+
+		rc = dnNormalize( 0, NULL, NULL, &authcDN, &ndn, NULL );
+		if ( rc != LDAP_SUCCESS ) {
+			fprintf( stderr, "autchDN=\"%s\" normalization failed %d (%s)\n",
+					authcDN.bv_val, rc,
+					ldap_err2string( rc ) );
+			rc = 1;
+			goto destroy;
+		}
+		ch_free( authcDN.bv_val );
+		authcDN = ndn;
 	}
 
+
 	if ( !BER_BVISNULL( &authcDN ) ) {
 		fprintf( stderr, "DN: \"%s\"\n", authcDN.bv_val );
 	}
diff --git a/servers/slapd/slapadd.c b/servers/slapd/slapadd.c
index 54421f5fba..677e7b1fd4 100644
--- a/servers/slapd/slapadd.c
+++ b/servers/slapd/slapadd.c
@@ -100,7 +100,7 @@ slapadd( int argc, char **argv )
 	lmax = 0;
 	lineno = 0;
 
-	if( be->be_entry_open( be, 1 ) != 0 ) {
+	if( !dryrun && be->be_entry_open( be, 1 ) != 0 ) {
 		fprintf( stderr, "%s: could not open database.\n",
 			progname );
 		exit( EXIT_FAILURE );
@@ -308,6 +308,13 @@ slapadd( int argc, char **argv )
 			}
 		}
 
+		if ( dryrun ) {
+			if ( verbose ) {
+				fprintf( stderr, "(dry) added: \"%s\"\n", e->e_dn );
+			}
+			goto done;
+		}
+
 		if ( update_ctxcsn == SLAP_TOOL_CTXCSN_KEEP &&
 			( replica_promotion || replica_demotion )) {
 			if ( is_entry_syncProviderSubentry( e )) { 
@@ -404,8 +411,12 @@ slapadd( int argc, char **argv )
 		}
 
 		if (( !is_entry_syncProviderSubentry( e ) &&
-			 !is_entry_syncConsumerSubentry( e )) ||
-			 ( !replica_promotion && !replica_demotion )) {
+				 !is_entry_syncConsumerSubentry( e )) ||
+				 ( !replica_promotion && !replica_demotion ))
+		{
+			/* dryrun moved earlier */
+			assert( !dryrun );
+
 			if (!dryrun) {
 				ID id = be->be_entry_put( be, e, &bvtext );
 				if( id == NOID ) {
@@ -429,6 +440,7 @@ slapadd( int argc, char **argv )
 			}
 		}
 
+done:;
 		entry_free( e );
 	}
 
@@ -471,6 +483,10 @@ slapadd( int argc, char **argv )
 		
 			if ( ctxcsn_id == NOID ) {
 				ctxcsn_e = slap_create_context_csn_entry( be, &maxcsn );
+				
+				/* dryrun moved earlier */
+				assert( !dryrun );
+
 				if ( !dryrun ) {
 					ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext );
 					if( ctxcsn_id == NOID ) {
@@ -496,6 +512,10 @@ slapadd( int argc, char **argv )
 					AC_MEMCPY( attr->a_vals[0].bv_val, maxcsn.bv_val, maxcsn.bv_len );
 					attr->a_vals[0].bv_val[maxcsn.bv_len] = '\0';
 					attr->a_vals[0].bv_len = maxcsn.bv_len;
+				
+					/* dryrun moved earlier */
+					assert( !dryrun );
+
 					if ( !dryrun ) {
 						ctxcsn_id = be->be_entry_modify( be, ctxcsn_e, &bvtext );
 						if( ctxcsn_id == NOID ) {
@@ -547,8 +567,12 @@ slapadd( int argc, char **argv )
 
 			if ( ctxcsn_id == NOID ) {
 				ctxcsn_e = slap_create_syncrepl_entry( be, &mc,
-												&slap_syncrepl_cn_bv,
-												&slap_syncrepl_bv );
+						&slap_syncrepl_cn_bv,
+						&slap_syncrepl_bv );
+
+				/* dryrun moved earlier */
+				assert( !dryrun );
+
 				if ( !dryrun ) {
 					ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext );
 					if( ctxcsn_id == NOID ) {
@@ -575,6 +599,10 @@ slapadd( int argc, char **argv )
 					AC_MEMCPY( attr->a_vals[0].bv_val, mc.bv_val, mc.bv_len );
 					attr->a_vals[0].bv_val[maxcsn.bv_len] = '\0';
 					attr->a_vals[0].bv_len = maxcsn.bv_len;
+				
+					/* dryrun moved earlier */
+					assert( !dryrun );
+
 					if ( !dryrun ) {
 						ctxcsn_id = be->be_entry_modify( be,
 											ctxcsn_e, &bvtext );
@@ -615,7 +643,11 @@ slapadd( int argc, char **argv )
 
 			if ( ctxcsn_id == NOID ) {
 				ctxcsn_e = slap_create_syncrepl_entry( be, &sei->cookie,
-												&sei->rdn, &sei->cn );
+						&sei->rdn, &sei->cn );
+
+				/* dryrun moved earlier */
+				assert( !dryrun );
+
 				if ( !dryrun ) {
 					ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext );
 					if( ctxcsn_id == NOID ) {
@@ -642,6 +674,10 @@ slapadd( int argc, char **argv )
 					AC_MEMCPY( attr->a_vals[0].bv_val, sei->cookie.bv_val, sei->cookie.bv_len );
 					attr->a_vals[0].bv_val[sei->cookie.bv_len] = '\0';
 					attr->a_vals[0].bv_len = sei->cookie.bv_len;
+					
+					/* dryrun moved earlier */
+					assert( !dryrun );
+
 					if ( !dryrun ) {
 						ctxcsn_id = be->be_entry_modify( be,
 											ctxcsn_e, &bvtext );
diff --git a/servers/slapd/slapcommon.c b/servers/slapd/slapcommon.c
index 55659e7ab3..68af0e9ff5 100644
--- a/servers/slapd/slapcommon.c
+++ b/servers/slapd/slapcommon.c
@@ -131,10 +131,12 @@ slap_tool_init(
 	case SLAPDN:
 	case SLAPTEST:
 		options = "d:f:v";
+		mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
 		break;
 
 	case SLAPAUTH:
 		options = "d:f:U:vX:";
+		mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
 		break;
 
 	case SLAPINDEX:
@@ -144,6 +146,7 @@ slap_tool_init(
 
 	case SLAPACL:
 		options = "b:D:d:f:U:v";
+		mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
 		break;
 
 	default:
@@ -168,7 +171,7 @@ slap_tool_init(
 			break;
 
 		case 'D':
-			ber_str2bv( optarg, 0, 0, &authcDN );
+			ber_str2bv( optarg, 0, 1, &authcDN );
 			break;
 
 		case 'f':	/* specify a conf file */
@@ -430,8 +433,12 @@ slap_tool_init(
 		be = select_backend( &nbase, 0, 0 );
 		ber_memfree( nbase.bv_val );
 
-		if ( tool == SLAPACL ) {
+		switch ( tool ) {
+		case SLAPACL:
 			goto startup;
+
+		default:
+			break;
 		}
 
 		if( be == NULL ) {
@@ -527,4 +534,8 @@ void slap_tool_destroy( void )
 #ifdef CSRIMALLOC
 	mal_dumpleaktrace( leakfile );
 #endif
+
+	if ( !BER_BVISNULL( &authcDN ) ) {
+		ch_free( authcDN.bv_val );
+	}
 }