From b95ab4ac648f3e0e8ea53e384634d0668e9a2411 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Fri, 16 Aug 2002 16:35:16 +0000 Subject: [PATCH] add function slap_modrdn2mods that prepares modifications list for delete/add old/new rdn values --- servers/slapd/back-bdb/modrdn.c | 192 +++++-------------------- servers/slapd/back-ldbm/modrdn.c | 239 +++++++------------------------ servers/slapd/modrdn.c | 147 +++++++++++++++++++ servers/slapd/proto-slap.h | 13 ++ servers/slapd/tools/mimic.c | 14 ++ 5 files changed, 261 insertions(+), 344 deletions(-) diff --git a/servers/slapd/back-bdb/modrdn.c b/servers/slapd/back-bdb/modrdn.c index dde788b392..fe7c2544ce 100644 --- a/servers/slapd/back-bdb/modrdn.c +++ b/servers/slapd/back-bdb/modrdn.c @@ -34,6 +34,9 @@ bdb_modrdn( Entry *e = NULL; Entry *p = NULL; Entry *matched; + /* LDAP v2 supporting correct attribute handling. */ + LDAPRDN *new_rdn = NULL; + LDAPRDN *old_rdn = NULL; int rc; const char *text; char textbuf[SLAP_TEXT_BUFLEN]; @@ -42,9 +45,6 @@ bdb_modrdn( struct bdb_op_info opinfo; ID id; - int a_cnt, d_cnt; - LDAPRDN *new_rdn = NULL; - LDAPRDN *old_rdn = NULL; Entry *np = NULL; /* newSuperior Entry */ struct berval *np_dn = NULL; /* newSuperior dn */ @@ -581,178 +581,60 @@ retry: /* transaction retry */ { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_modrdn: can't figure out type(s)/values(s) of newrdn\n", + "bdb_modrdn: can't figure out " + "type(s)/values(s) of newrdn\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, - "bdb_modrdn: can't figure out type(s)/values(s) " - "of newrdn\n", 0, 0, 0 ); + "bdb_modrdn: can't figure out " + "type(s)/values(s) of newrdn\n", + 0, 0, 0 ); #endif rc = LDAP_INVALID_DN_SYNTAX; text = "unknown type(s) used in RDN"; - goto return_results; + goto return_results; } #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, RESULTS, - "bdb_modrdn: new_rdn_type=\"%s\", new_rdn_val=\"%s\"\n", - new_rdn[0][0]->la_attr.bv_val, new_rdn[0][0]->la_value.bv_val, 0 ); + "bdb_modrdn: new_rdn_type=\"%s\", " + "new_rdn_val=\"%s\"\n", + new_rdn[ 0 ][ 0 ]->la_attr.bv_val, + new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 ); #else Debug( LDAP_DEBUG_TRACE, - "bdb_modrdn: new_rdn_type=\"%s\", new_rdn_val=\"%s\"\n", - new_rdn[0][0]->la_attr.bv_val, new_rdn[0][0]->la_value.bv_val, 0 ); -#endif - - if ( ldap_bv2rdn( dn, &old_rdn, (char **)&text, - LDAP_DN_FORMAT_LDAP ) ) - { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, - "bdb_modrdn: can't figure out type(s)/values(s) of old_rdn\n", - 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_back_modrdn: can't figure out the old_rdn " - "type(s)/value(s)\n", 0, 0, 0 ); -#endif - rc = LDAP_OTHER; - text = "cannot parse RDN from old DN"; - goto return_results; - } - -#if 0 - if ( newSuperior == NULL - && charray_strcasecmp( ( const char ** )old_rdn_types, - ( const char ** )new_rdn_types ) != 0 ) { - /* Not a big deal but we may say something */ -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, - "bdb_modrdn: old_rdn_type(s)=%s, new_rdn_type(s)=%s do not match\n", - old_rdn_types[ 0 ], new_rdn_types[ 0 ], 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_modrdn: old_rdn_type(s)=%s, new_rdn_type(s)=%s " - "do not match\n", - old_rdn_types[ 0 ], new_rdn_types[ 0 ], 0 ); -#endif - } -#endif - - /* Add new attribute values to the entry */ - for ( a_cnt = 0; new_rdn[0][ a_cnt ]; a_cnt++ ) { - int rc; - AttributeDescription *desc = NULL; - Modifications *mod_tmp; - - rc = slap_bv2ad( &new_rdn[0][ a_cnt ]->la_attr, &desc, &text ); - - if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "bdb_modrdn: %s: %s (new)\n", - text, new_rdn[0][a_cnt]->la_attr.bv_val, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_modrdn: %s: %s (new)\n", - text, new_rdn[0][ a_cnt ]->la_attr.bv_val, 0 ); -#endif - goto return_results; - } - - /* ACL check of newly added attrs */ - if ( !access_allowed( be, conn, op, e, desc, - &new_rdn[0][ a_cnt ]->la_value, ACL_WRITE, NULL ) ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, - "bdb_modrdn: access to attr \"%s\" (new) not allowed\n", - new_rdn[0][a_cnt]->la_attr.bv_val, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_modrdn: access to attr \"%s\" " - "(new) not allowed\n", - new_rdn[0][ a_cnt ]->la_attr.bv_val, 0, 0 ); + "bdb_modrdn: new_rdn_type=\"%s\", " + "new_rdn_val=\"%s\"\n", + new_rdn[ 0 ][ 0 ]->la_attr.bv_val, + new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 ); #endif - rc = LDAP_INSUFFICIENT_ACCESS; - goto return_results; - } - - /* Apply modification */ - mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) - + 2 * sizeof( struct berval ) ); - mod_tmp->sml_desc = desc; - mod_tmp->sml_bvalues = ( BerVarray )( mod_tmp + 1 ); - mod_tmp->sml_bvalues[ 0 ] = new_rdn[0][ a_cnt ]->la_value; - mod_tmp->sml_bvalues[ 1 ].bv_val = NULL; - mod_tmp->sml_op = SLAP_MOD_SOFTADD; - mod_tmp->sml_next = mod; - mod = mod_tmp; - } - /* Remove old rdn value if required */ if ( deleteoldrdn ) { - /* Get value of old rdn */ - if ( old_rdn == NULL) { + if ( ldap_bv2rdn( dn, &old_rdn, (char **)&text, + LDAP_DN_FORMAT_LDAP ) ) + { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, - "bdb_modrdn: can't figure out old RDN values(s) " - "from old RDN\n", 0, 0, 0 ); + "bdb_modrdn: can't figure out " + "type(s)/values(s) of old_rdn\n", + 0, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, - "bdb_modrdn: can't figure out old RDN value(s) " - "from old RDN\n", 0, 0, 0 ); + "bdb_modrdn: can't figure out " + "the old_rdn type(s)/value(s)\n", + 0, 0, 0 ); #endif rc = LDAP_OTHER; - text = "could not parse value(s) from old RDN"; + text = "cannot parse RDN from old DN"; goto return_results; } + } - for ( d_cnt = 0; old_rdn[0][ d_cnt ]; d_cnt++ ) { - int rc; - AttributeDescription *desc = NULL; - Modifications *mod_tmp; - - rc = slap_bv2ad( &old_rdn[0][ d_cnt ]->la_attr, - &desc, &text ); - - if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, "bdb_modrdn: %s: %s (old)\n", - text, old_rdn[0][d_cnt]->la_attr.bv_val, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_modrdn: %s: %s (old)\n", - text, old_rdn[0][ d_cnt ]->la_attr.bv_val, 0 ); -#endif - goto return_results; - } - - /* ACL check of newly added attrs */ - if ( !access_allowed( be, conn, op, e, desc, - &old_rdn[0][d_cnt]->la_value, ACL_WRITE, NULL ) ) { -#ifdef NEW_LOGGING - LDAP_LOG ( OPERATION, ERR, - "bdb_modrdn: access to attr \"%s\" (old) not allowed\n", - old_rdn[0][d_cnt]->la_attr.bv_val, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "bdb_modrdn: access to attr \"%s\" " - "(old) not allowed\n", - old_rdn[0][ d_cnt ]->la_attr.bv_val, 0, 0 ); -#endif - rc = LDAP_INSUFFICIENT_ACCESS; - goto return_results; - } - - /* Apply modification */ - mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) - + 2 * sizeof ( struct berval ) ); - mod_tmp->sml_desc = desc; - mod_tmp->sml_bvalues = ( BerVarray )(mod_tmp+1); - mod_tmp->sml_bvalues[ 0 ] = old_rdn[0][ d_cnt ]->la_value; - mod_tmp->sml_bvalues[ 1 ].bv_val = NULL; - mod_tmp->sml_op = LDAP_MOD_DELETE; - mod_tmp->sml_next = mod; - mod = mod_tmp; - } + /* prepare modlist of modifications from old/new rdn */ + rc = slap_modrdn2mods( be, conn, op, e, old_rdn, new_rdn, + deleteoldrdn, &mod ); + if ( rc != LDAP_SUCCESS ) { + goto return_results; } /* delete old one */ @@ -895,8 +777,12 @@ done: if( new_ndn.bv_val != NULL ) free( new_ndn.bv_val ); /* LDAP v2 supporting correct attribute handling. */ - if( new_rdn != NULL ) ldap_rdnfree( new_rdn ); - if( old_rdn != NULL ) ldap_rdnfree( old_rdn ); + if ( new_rdn != NULL ) { + ldap_rdnfree( new_rdn ); + } + if ( old_rdn != NULL ) { + ldap_rdnfree( old_rdn ); + } if( mod != NULL ) { Modifications *tmp; for (; mod; mod=tmp ) { diff --git a/servers/slapd/back-ldbm/modrdn.c b/servers/slapd/back-ldbm/modrdn.c index 540796215b..5ba4e9afb6 100644 --- a/servers/slapd/back-ldbm/modrdn.c +++ b/servers/slapd/back-ldbm/modrdn.c @@ -52,6 +52,9 @@ ldbm_back_modrdn( struct berval new_dn = { 0, NULL}, new_ndn = { 0, NULL }; Entry *e, *p = NULL; Entry *matched; + /* LDAP v2 supporting correct attribute handling. */ + LDAPRDN *new_rdn = NULL; + LDAPRDN *old_rdn = NULL; int isroot = -1; #define CAN_ROLLBACK -1 #define MUST_DESTROY 1 @@ -61,10 +64,6 @@ ldbm_back_modrdn( const char *text = NULL; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; - /* Added to support LDAP v2 correctly (deleteoldrdn thing) */ - LDAPRDN *new_rdn = NULL; - LDAPRDN *old_rdn = NULL; - int a_cnt, d_cnt; /* Added to support newSuperior */ Entry *np = NULL; /* newSuperior Entry */ struct berval *np_ndn = NULL; /* newSuperior ndn */ @@ -489,222 +488,77 @@ ldbm_back_modrdn( new_ndn.bv_val, 0, 0 ); #endif - - /* Get attribute types and values of our new rdn, we will + /* Get attribute type and attribute value of our new rdn, we will * need to add that to our new entry */ if ( ldap_bv2rdn( newrdn, &new_rdn, (char **)&text, LDAP_DN_FORMAT_LDAP ) ) { #ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modrdn: can't figure out type(s)/value(s) of newrdn\n", + LDAP_LOG ( OPERATION, ERR, + "ldbm_back_modrdn: can't figure out " + "type(s)/values(s) of newrdn\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: can't figure out type(s)/value(s) of newrdn\n", - 0, 0, 0 ); + "ldbm_back_modrdn: can't figure out " + "type(s)/values(s) of newrdn\n", + 0, 0, 0 ); #endif - - send_ldap_result( conn, op, LDAP_INVALID_DN_SYNTAX, - NULL, "unable to parse type(s)/value(s) used in RDN", NULL, NULL ); + rc = LDAP_INVALID_DN_SYNTAX; + text = "unknown type(s) used in RDN"; goto return_results; } #ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, DETAIL1, - "ldbm_back_modrdn: new_rdn_type=\"%s\", new_rdn_val=\"%s\"\n", - new_rdn[0][0]->la_attr.bv_val, new_rdn[0][0]->la_value.bv_val, 0 ); + LDAP_LOG ( OPERATION, RESULTS, + "ldbm_back_modrdn: new_rdn_type=\"%s\", " + "new_rdn_val=\"%s\"\n", + new_rdn[ 0 ][ 0 ]->la_attr.bv_val, + new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 ); #else Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: new_rdn_type=\"%s\", new_rdn_val=\"%s\"\n", - new_rdn[0][0]->la_attr.bv_val, new_rdn[0][0]->la_value.bv_val, 0 ); + "ldbm_back_modrdn: new_rdn_type=\"%s\", " + "new_rdn_val=\"%s\"\n", + new_rdn[ 0 ][ 0 ]->la_attr.bv_val, + new_rdn[ 0 ][ 0 ]->la_value.bv_val, 0 ); #endif - /* Retrieve the old rdn from the entry's dn */ - if ( ldap_bv2rdn( dn, &old_rdn, (char **)&text, - LDAP_DN_FORMAT_LDAP ) ) - { + if ( deleteoldrdn ) { + if ( ldap_bv2rdn( dn, &old_rdn, (char **)&text, + LDAP_DN_FORMAT_LDAP ) ) + { #ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modrdn: can't figure out the old_rdn " - "type(s)/value(s).\n", 0, 0, 0 ); + LDAP_LOG ( OPERATION, ERR, + "ldbm_back_modrdn: can't figure out " + "type(s)/values(s) of old_rdn\n", + 0, 0, 0 ); #else - Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: can't figure out the old_rdn type(s)/value(s)\n", - 0, 0, 0 ); + Debug( LDAP_DEBUG_TRACE, + "ldbm_back_modrdn: can't figure out " + "the old_rdn type(s)/value(s)\n", + 0, 0, 0 ); #endif - - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "unable to parse type(s)/value(s) used in RDN from old DN", NULL, NULL ); - goto return_results; + rc = LDAP_OTHER; + text = "cannot parse RDN from old DN"; + goto return_results; + } } -#if 0 - if ( newSuperior == NULL - && charray_strcasecmp( (const char **)old_rdn_types, (const char **)new_rdn_types ) != 0 ) - { - /* Not a big deal but we may say something */ -#ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modrdn: old_rdn_type=%s new_rdn_type=%s\n", - old_rdn_types[0], new_rdn_types[0], 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: old_rdn_type=%s, new_rdn_type=%s!\n", - old_rdn_types[0], new_rdn_types[0], 0 ); -#endif - } -#endif - #ifdef NEW_LOGGING LDAP_LOG( BACK_LDBM, DETAIL1, "ldbm_back_modrdn: DN_X500\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: DN_X500\n", 0, 0, 0 ); #endif - - mod = NULL; - for ( a_cnt = 0; new_rdn[0][a_cnt]; a_cnt++ ) { - int rc; - AttributeDescription *desc = NULL; - Modifications *mod_tmp; - - rc = slap_bv2ad( &new_rdn[0][a_cnt]->la_attr, &desc, &text ); - - if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modrdn: slap_bv2ad error: %s (%s)\n", - text, new_rdn[0][a_cnt]->la_attr.bv_val, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: %s: %s (new)\n", - text, new_rdn[0][a_cnt]->la_attr.bv_val, 0 ); -#endif - - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); - - goto return_results; - } - - if ( ! access_allowed( be, conn, op, e, - desc, &new_rdn[0][a_cnt]->la_value, ACL_WRITE, NULL ) ) { -#ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modrdn: access not allowed to attr \"%s\"\n", - new_rdn[0][a_cnt]->la_attr.bv_val, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: access not allowed " - "to attr \"%s\"\n%s%s", - new_rdn[0][a_cnt]->la_attr.bv_val, "", "" ); -#endif - send_ldap_result( conn, op, - LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); - - goto return_results; - } - - mod_tmp = (Modifications *)ch_malloc( sizeof( Modifications ) - + 2 * sizeof( struct berval ) ); - mod_tmp->sml_desc = desc; - mod_tmp->sml_bvalues = (BerVarray)( mod_tmp + 1 ); - mod_tmp->sml_bvalues[0] = new_rdn[0][a_cnt]->la_value; - mod_tmp->sml_bvalues[1].bv_val = NULL; - mod_tmp->sml_op = SLAP_MOD_SOFTADD; - mod_tmp->sml_next = mod; - mod = mod_tmp; + + rc = slap_modrdn2mods( be, conn, op, e, old_rdn, new_rdn, + deleteoldrdn, &mod ); + if ( rc != LDAP_SUCCESS ) { + goto return_results; } - /* Remove old rdn value if required */ - if ( deleteoldrdn ) { - /* Get value of old rdn */ - if ( old_rdn == NULL ) { -#ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modrdn: can't figure out old RDN value(s) " - "from old RDN\n", 0, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: can't figure out oldRDN value(s) from old RDN\n", - 0, 0, 0 ); -#endif - - send_ldap_result( conn, op, LDAP_OTHER, - NULL, "could not parse value(s) from old RDN", NULL, NULL ); - goto return_results; - } - - for ( d_cnt = 0; old_rdn[0][d_cnt]; d_cnt++ ) { - int rc; - AttributeDescription *desc = NULL; - Modifications *mod_tmp; - rc = slap_bv2ad( &old_rdn[0][d_cnt]->la_attr, &desc, &text ); - - if ( rc != LDAP_SUCCESS ) { -#ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modrdn: %s: %s (old)\n", - text, old_rdn[0][d_cnt]->la_attr.bv_val, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: %s: %s (old)\n", - text, old_rdn[0][d_cnt]->la_attr.bv_val, 0 ); -#endif - - send_ldap_result( conn, op, rc, - NULL, text, NULL, NULL ); - - goto return_results; - } - - if ( ! access_allowed( be, conn, op, e, - desc, &old_rdn[0][d_cnt]->la_value, ACL_WRITE, NULL ) ) { -#ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, INFO, - "ldbm_back_modrdn: access not allowed to attr \"%s\"\n", - old_rdn[0][d_cnt]->la_attr.bv_val, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: access not allowed " - "to attr \"%s\"\n%s%s", - old_rdn[0][d_cnt]->la_attr.bv_val, "", "" ); -#endif - send_ldap_result( conn, op, - LDAP_INSUFFICIENT_ACCESS, - NULL, NULL, NULL, NULL ); - - goto return_results; - } - - /* Remove old value of rdn as an attribute. */ - mod_tmp = (Modifications *)ch_malloc( sizeof( Modifications ) - + 2 * sizeof( struct berval ) ); - mod_tmp->sml_desc = desc; - mod_tmp->sml_bvalues = (BerVarray)(mod_tmp+1); - mod_tmp->sml_bvalues[0] = old_rdn[0][d_cnt]->la_value; - mod_tmp->sml_bvalues[1].bv_val = NULL; - mod_tmp->sml_op = LDAP_MOD_DELETE; - mod_tmp->sml_next = mod; - mod = mod_tmp; - -#ifdef NEW_LOGGING - LDAP_LOG( BACK_LDBM, DETAIL1, - "ldbm_back_modrdn: removing old_rdn_val=%s\n", - old_rdn[0][d_cnt]->la_value.bv_val, 0, 0 ); -#else - Debug( LDAP_DEBUG_TRACE, - "ldbm_back_modrdn: removing old_rdn_val=%s\n", - old_rdn[0][d_cnt]->la_value.bv_val, 0, 0 ); -#endif - } - } - - /* check for abandon */ if ( op->o_abandon ) { goto return_results; @@ -778,9 +632,12 @@ return_results: if( new_ndn.bv_val != NULL ) free( new_ndn.bv_val ); /* LDAP v2 supporting correct attribute handling. */ - if( new_rdn ) ldap_rdnfree( new_rdn ); - if( old_rdn ) ldap_rdnfree( old_rdn ); - + if ( new_rdn != NULL ) { + ldap_rdnfree( new_rdn ); + } + if ( old_rdn != NULL ) { + ldap_rdnfree( old_rdn ); + } if ( mod != NULL ) { Modifications *tmp; for (; mod; mod = tmp ) { diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c index 5116735ab6..be11fdb6e0 100644 --- a/servers/slapd/modrdn.c +++ b/servers/slapd/modrdn.c @@ -384,3 +384,150 @@ cleanup: return rc; } + +int +slap_modrdn2mods( + Backend *be, + Connection *conn, + Operation *op, + Entry *e, + LDAPRDN *old_rdn, + LDAPRDN *new_rdn, + int deleteoldrdn, + Modifications **pmod ) +{ + int rc = LDAP_SUCCESS; + const char *text; + Modifications *mod = NULL; + int a_cnt, d_cnt; + + /* Add new attribute values to the entry */ + for ( a_cnt = 0; new_rdn[ 0 ][ a_cnt ]; a_cnt++ ) { + int rc; + AttributeDescription *desc = NULL; + Modifications *mod_tmp; + + rc = slap_bv2ad( &new_rdn[ 0 ][ a_cnt ]->la_attr, + &desc, &text ); + + if ( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ERR, + "slap_modrdn2modlist: %s: %s (new)\n", + text, + new_rdn[ 0 ][ a_cnt ]->la_attr.bv_val, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "slap_modrdn2modlist: %s: %s (new)\n", + text, + new_rdn[ 0 ][ a_cnt ]->la_attr.bv_val, 0 ); +#endif + goto done; + } + + /* ACL check of newly added attrs */ + if ( be && !access_allowed( be, conn, op, e, desc, + &new_rdn[ 0 ][ a_cnt ]->la_value, ACL_WRITE, NULL ) ) { +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ERR, + "slap_modrdn2modlist: access to attr \"%s\" " + "(new) not allowed\n", + new_rdn[ 0 ][a_cnt]->la_attr.bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "slap_modrdn2modlist: access to attr \"%s\" " + "(new) not allowed\n", + new_rdn[ 0 ][ a_cnt ]->la_attr.bv_val, 0, 0 ); +#endif + rc = LDAP_INSUFFICIENT_ACCESS; + goto done; + } + + /* Apply modification */ + mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) + + 2 * sizeof( struct berval ) ); + mod_tmp->sml_desc = desc; + mod_tmp->sml_bvalues = ( BerVarray )( mod_tmp + 1 ); + mod_tmp->sml_bvalues[ 0 ] = new_rdn[ 0 ][ a_cnt ]->la_value; + mod_tmp->sml_bvalues[ 1 ].bv_val = NULL; + mod_tmp->sml_op = SLAP_MOD_SOFTADD; + mod_tmp->sml_next = mod; + mod = mod_tmp; + } + + /* Remove old rdn value if required */ + if ( deleteoldrdn ) { + for ( d_cnt = 0; old_rdn[ 0 ][ d_cnt ]; d_cnt++ ) { + int rc; + AttributeDescription *desc = NULL; + Modifications *mod_tmp; + + rc = slap_bv2ad( &old_rdn[ 0 ][ d_cnt ]->la_attr, + &desc, &text ); + + if ( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ERR, + "slap_modrdn2modlist: %s: %s (old)\n", + text, + old_rdn[ 0 ][ d_cnt ]->la_attr.bv_val, + 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "slap_modrdn2modlist: %s: %s (old)\n", + text, + old_rdn[ 0 ][ d_cnt ]->la_attr.bv_val, + 0 ); +#endif + goto done; + } + + /* ACL check of newly added attrs */ + if ( be && !access_allowed( be, conn, op, e, desc, + &old_rdn[ 0 ][ d_cnt ]->la_value, ACL_WRITE, + NULL ) ) { +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ERR, + "slap_modrdn2modlist: access " + "to attr \"%s\" (old) not allowed\n", + old_rdn[ 0 ][ d_cnt ]->la_attr.bv_val, + 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, + "slap_modrdn2modlist: access " + "to attr \"%s\" (old) not allowed\n", + old_rdn[ 0 ][ d_cnt ]->la_attr.bv_val, + 0, 0 ); +#endif + rc = LDAP_INSUFFICIENT_ACCESS; + goto done; + } + + /* Apply modification */ + mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) + + 2 * sizeof ( struct berval ) ); + mod_tmp->sml_desc = desc; + mod_tmp->sml_bvalues = ( BerVarray )(mod_tmp+1); + mod_tmp->sml_bvalues[ 0 ] + = old_rdn[ 0 ][ d_cnt ]->la_value; + mod_tmp->sml_bvalues[ 1 ].bv_val = NULL; + mod_tmp->sml_op = LDAP_MOD_DELETE; + mod_tmp->sml_next = mod; + mod = mod_tmp; + } + } + +done: + /* LDAP v2 supporting correct attribute handling. */ + if ( rc != LDAP_SUCCESS && mod != NULL ) { + Modifications *tmp; + for ( ; mod; mod = tmp ) { + tmp = mod->sml_next; + ch_free( mod ); + } + } + + *pmod = mod; + + return rc; +} diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index a7528cbe77..0118eae768 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -525,6 +525,19 @@ LDAP_SLAPD_F (int) filter_matched_values( Attribute *a, char ***e_flags ); +/* + * modrdn.c + */ +LDAP_SLAPD_F (int) slap_modrdn2mods( + Backend *be, + Connection *conn, + Operation *op, + Entry *e, + LDAPRDN *oldrdn, + LDAPRDN *newrdn, + int deleteoldrdn, + Modifications **pmod ); + /* * modify.c */ diff --git a/servers/slapd/tools/mimic.c b/servers/slapd/tools/mimic.c index 4a88f833c8..375a6706b2 100644 --- a/servers/slapd/tools/mimic.c +++ b/servers/slapd/tools/mimic.c @@ -256,3 +256,17 @@ slapd_get_listeners(void) return NULL; } +int +slap_modrdn2mods( + Backend *be, + Connection *conn, + Operation *op, + Entry *e, + LDAPRDN *oldrdn, + LDAPRDN *newrdn, + int deleteoldrdn, + Modifications **pmod ) +{ + return 0; +} + -- 2.39.5