From ceb6412e62a46db3525c8f31b4850b57c6667556 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Tue, 15 Feb 2000 18:57:07 +0000 Subject: [PATCH] More -DSLAPD_SCHEMA_NOT_COMPAT changes Not hidden: "" modifiersname --- servers/slapd/acl.c | 75 ++++++++++++++++++++------------ servers/slapd/attr.c | 8 ++++ servers/slapd/back-ldbm/index.c | 4 +- servers/slapd/back-ldbm/modify.c | 8 ++-- servers/slapd/backend.c | 2 +- servers/slapd/filterentry.c | 8 ++-- servers/slapd/modify.c | 56 ++++++++++++------------ servers/slapd/proto-slap.h | 2 +- servers/slapd/repl.c | 24 +++++----- servers/slapd/slap.h | 31 ++++++++++--- 10 files changed, 134 insertions(+), 84 deletions(-) diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index e43902aa64..3cd6d076cd 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -20,7 +20,7 @@ static AccessControl * acl_get( Backend *be, Operation *op, Entry *e, #ifdef SLAPD_SCHEMA_NOT_COMPAT - AttributeType *type, + AttributeDescription *desc, #else const char *attr, #endif @@ -31,7 +31,7 @@ static slap_control_t acl_mask( Backend *be, Connection *conn, Operation *op, Entry *e, #ifdef SLAPD_SCHEMA_NOT_COMPAT - AttributeType *type, + AttributeDescription *desc, #else const char *attr, #endif @@ -44,7 +44,7 @@ static int aci_mask( Operation *op, Entry *e, #ifdef SLAPD_SCHEMA_NOT_COMPAT - AttributeType *type, + AttributeDescription *desc, #else const char *attr, #endif @@ -87,7 +87,7 @@ access_allowed( Operation *op, Entry *e, #ifdef SLAPD_SCHEMA_NOT_COMPAT - AttributeType *attr, + AttributeDescription *attr, #else const char *attr, #endif @@ -128,7 +128,7 @@ access_allowed( * by the user */ #ifdef SLAPD_SCHEMA_NOT_COMPAT - if ( access >= ACL_WRITE && is_at_no_user_mod( attr ) ) + if ( access >= ACL_WRITE && is_at_no_user_mod( attr->ad_type ) ) #else if ( access >= ACL_WRITE && oc_check_op_no_usermod_attr( attr ) ) #endif @@ -230,13 +230,14 @@ acl_get( Operation *op, Entry *e, #ifdef SLAPD_SCHEMA_NOT_COMPAT - AttributeType *attr, + AttributeDescription *desc, #else - const char *attr, + const char *desc, #endif int nmatch, regmatch_t *matches ) { + const char *attr; assert( e != NULL ); assert( count != NULL ); @@ -253,6 +254,12 @@ acl_get( a = a->acl_next; } +#ifdef SLAPD_SCHEMA_NOT_COMPAT + attr = desc->ad_cname->bv_val; +#else + attr = desc; +#endif + for ( ; a != NULL; a = a->acl_next ) { (*count) ++; @@ -280,7 +287,7 @@ acl_get( *count, attr, 0); if ( attr == NULL || a->acl_attrs == NULL || - charray_inlist( a->acl_attrs, attr ) ) + ad_inlist( desc, a->acl_attrs ) ) { Debug( LDAP_DEBUG_ACL, "<= acl_get: [%d] acl %s attr: %s\n", @@ -313,7 +320,7 @@ acl_mask( Operation *op, Entry *e, #ifdef SLAPD_SCHEMA_NOT_COMPAT - AttributeType *attr, + AttributeDescription *attr, #else const char *attr, #endif @@ -681,7 +688,7 @@ acl_check_modlist( #endif } - for ( ; mlist != NULL; mlist = mlist->ml_next ) { + for ( ; mlist != NULL; mlist = mlist->sml_next ) { /* * no-user-modification operational attributes are ignored * by ACL_WRITE checking as any found here are not provided @@ -690,23 +697,28 @@ acl_check_modlist( #ifdef SLAPD_SCHEMA_NOT_COMPAT /* not yet implemented */ #else - if ( oc_check_op_no_usermod_attr( mlist->ml_type ) ) { + if ( oc_check_op_no_usermod_attr( mlist->sml_type ) ) { Debug( LDAP_DEBUG_ACL, "NoUserMod Operational attribute:" " modify access granted\n", - mlist->ml_type, 0, 0 ); + mlist->sml_type, 0, 0 ); continue; } +#endif - switch ( mlist->ml_op ) { + switch ( mlist->sml_op ) { case LDAP_MOD_REPLACE: case LDAP_MOD_ADD: - if ( mlist->ml_bvalues == NULL ) { + if ( mlist->sml_bvalues == NULL ) { break; } - for ( i = 0; mlist->ml_bvalues[i] != NULL; i++ ) { + for ( i = 0; mlist->sml_bvalues[i] != NULL; i++ ) { if ( ! access_allowed( be, conn, op, e, - mlist->ml_type, mlist->ml_bvalues[i], - ACL_WRITE ) ) +#ifdef SLAPD_SCHEMA_NOT_COMPAT + &mlist->sml_desc, +#else + mlist->sml_type, +#endif + mlist->sml_bvalues[i], ACL_WRITE ) ) { return( 0 ); } @@ -714,26 +726,33 @@ acl_check_modlist( break; case LDAP_MOD_DELETE: - if ( mlist->ml_bvalues == NULL ) { + if ( mlist->sml_bvalues == NULL ) { if ( ! access_allowed( be, conn, op, e, - mlist->ml_type, NULL, - ACL_WRITE ) ) +#ifdef SLAPD_SCHEMA_NOT_COMPAT + &mlist->sml_desc, +#else + mlist->sml_type, +#endif + NULL, ACL_WRITE ) ) { return( 0 ); } break; } - for ( i = 0; mlist->ml_bvalues[i] != NULL; i++ ) { + for ( i = 0; mlist->sml_bvalues[i] != NULL; i++ ) { if ( ! access_allowed( be, conn, op, e, - mlist->ml_type, mlist->ml_bvalues[i], - ACL_WRITE ) ) +#ifdef SLAPD_SCHEMA_NOT_COMPAT + &mlist->sml_desc, +#else + mlist->sml_type, +#endif + mlist->sml_bvalues[i], ACL_WRITE ) ) { return( 0 ); } } break; } -#endif } return( 1 ); @@ -1017,7 +1036,11 @@ aci_mask( Backend *be, Operation *op, Entry *e, +#ifdef SLAPD_SCHEMA_NOT_COMPAT + AttributeDescription *desc, +#else const char *attr, +#endif struct berval *val, struct berval *aci, regmatch_t *matches, @@ -1092,9 +1115,7 @@ aci_mask( } else if (aci_strbvcmp( "dnattr", &bv ) == 0) { Attribute *at; - char *attrname; - - attrname = aci_bvstrdup(&sdn); + char *attrname = aci_bvstrdup(&sdn); at = attr_find(e->e_attrs, attrname); ch_free(attrname); diff --git a/servers/slapd/attr.c b/servers/slapd/attr.c index b064c92b2b..601e68c05f 100644 --- a/servers/slapd/attr.c +++ b/servers/slapd/attr.c @@ -217,7 +217,11 @@ attr_merge( Attribute * attr_find( Attribute *a, +#ifdef SLAPD_SCHEMA_NOT_COMPAT + AttributeDescription *desc +#else const char *type +#endif ) { for ( ; a != NULL; a = a->a_next ) { @@ -243,7 +247,11 @@ attr_find( int attr_delete( Attribute **attrs, +#ifdef SLAPD_SCHEMA_NOT_COMPAT + AttributeDescription *desc +#else const char *type +#endif ) { Attribute **a; diff --git a/servers/slapd/back-ldbm/index.c b/servers/slapd/back-ldbm/index.c index cc7a453be1..c7218086e5 100644 --- a/servers/slapd/back-ldbm/index.c +++ b/servers/slapd/back-ldbm/index.c @@ -86,8 +86,8 @@ index_add_mods( { int rc; - for ( ; ml != NULL; ml = ml->ml_next ) { - Modification *mod = &ml->ml_mod; + for ( ; ml != NULL; ml = ml->sml_next ) { + Modification *mod = &ml->sml_mod; #ifdef SLAPD_SCHEMA_NOT_COMPAT /* not yet implemented */ diff --git a/servers/slapd/back-ldbm/modify.c b/servers/slapd/back-ldbm/modify.c index e6f8d0ae09..b504462893 100644 --- a/servers/slapd/back-ldbm/modify.c +++ b/servers/slapd/back-ldbm/modify.c @@ -48,8 +48,8 @@ int ldbm_modify_internal( save_attrs = e->e_attrs; e->e_attrs = attrs_dup( e->e_attrs ); - for ( ml = modlist; ml != NULL; ml = ml->ml_next ) { - mod = &ml->ml_mod; + for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { + mod = &ml->sml_mod; #ifdef SLAPD_SCHEMA_NOT_COMPAT switch ( mod->sm_op ) @@ -129,8 +129,8 @@ int ldbm_modify_internal( /* remove old indices */ if( save_attrs != NULL ) { - for ( ml = modlist; ml != NULL; ml = ml->ml_next ) { - mod = &ml->ml_mod; + for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { + mod = &ml->sml_mod; #ifdef SLAPD_SCHEMA_NOT_COMPAT if ( mod->sm_op == LDAP_MOD_REPLACE ) #else diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index 0fc7d6ceec..0427fa81ce 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -619,7 +619,7 @@ backend_group( const char *op_ndn, const char *objectclassValue, #ifdef SLAPD_SCHEMA_NOT_COMPAT - AttributeType *group_at + AttributeDescription *group_at #else const char *group_at #endif diff --git a/servers/slapd/filterentry.c b/servers/slapd/filterentry.c index 875c8572ed..9497b1f54f 100644 --- a/servers/slapd/filterentry.c +++ b/servers/slapd/filterentry.c @@ -197,7 +197,7 @@ test_ava_filter( #ifdef SLAPD_SCHEMA_NOT_COMPAT if ( be != NULL && ! access_allowed( be, conn, op, e, - ava->aa_desc->ad_type->sat_cname, ava->aa_value, ACL_SEARCH ) ) + ava->aa_desc, ava->aa_value, ACL_SEARCH ) ) #else if ( be != NULL && ! access_allowed( be, conn, op, e, @@ -208,7 +208,7 @@ test_ava_filter( } #ifdef SLAPD_SCHEMA_NOT_COMPAT - if ( (a = attr_find( e->e_attrs, ava->aa_desc->ad_cname->bv_val )) == NULL ) + if ( (a = attr_find( e->e_attrs, ava->aa_desc )) == NULL ) #else if ( (a = attr_find( e->e_attrs, ava->ava_type )) == NULL ) #endif @@ -286,7 +286,7 @@ test_presence_filter( { #ifdef SLAPD_SCHEMA_NOT_COMPAT if ( be != NULL && ! access_allowed( be, conn, op, e, - desc->ad_type->sat_cname, NULL, ACL_SEARCH ) ) + desc, NULL, ACL_SEARCH ) ) #else if ( be != NULL && ! access_allowed( be, conn, op, e, type, NULL, ACL_SEARCH ) ) @@ -296,7 +296,7 @@ test_presence_filter( } #ifdef SLAPD_SCHEMA_NOT_COMPAT - return attr_find( e->e_attrs, desc->ad_cname->bv_val ) != NULL + return attr_find( e->e_attrs, desc ) != NULL #else return attr_find( e->e_attrs, type ) != NULL #endif diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c index 81b23325bf..276fa7fb3e 100644 --- a/servers/slapd/modify.c +++ b/servers/slapd/modify.c @@ -26,7 +26,7 @@ #include "ldap_pvt.h" #include "slap.h" -static void modlist_free(Modifications *ml); +static void modlist_free(LDAPModList *ml); static int add_modified_attrs( Operation *op, Modifications **modlist ); @@ -40,8 +40,9 @@ do_modify( char *last; ber_tag_t tag; ber_len_t len; - Modifications *modlist = NULL; - Modifications **modtail = &modlist; + LDAPModList *modlist = NULL; + LDAPModList **modtail = &modlist; + Modifications *mods = NULL; #ifdef LDAP_DEBUG Modifications *tmp; #endif @@ -103,11 +104,8 @@ do_modify( { ber_int_t mop; - (*modtail) = (Modifications *) ch_calloc( 1, sizeof(Modifications) ); + (*modtail) = (LDAPModList *) ch_calloc( 1, sizeof(LDAPModList) ); -#ifdef SLAPD_SCHEMA_NOT_COMPAT - /* not yet implemented */ -#else if ( ber_scanf( op->o_ber, "{i{a[V]}}", &mop, &(*modtail)->ml_type, &(*modtail)->ml_bvalues ) == LBER_ERROR ) @@ -117,7 +115,6 @@ do_modify( rc = -1; goto cleanup; } -#endif (*modtail)->ml_op = mop; @@ -156,24 +153,33 @@ do_modify( } *modtail = NULL; + if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { + Debug( LDAP_DEBUG_ANY, "do_modify: get_ctrls failed\n", 0, 0, 0 ); + goto cleanup; + } + #ifdef SLAPD_SCHEMA_NOT_COMPAT /* not yet implemented */ #else + mods = modlist; +#endif + #ifdef LDAP_DEBUG Debug( LDAP_DEBUG_ARGS, "modifications:\n", 0, 0, 0 ); - for ( tmp = modlist; tmp != NULL; tmp = tmp->ml_next ) { + for ( tmp = mods; tmp != NULL; tmp = tmp->sml_next ) { +#ifdef SLAPD_SCHEMA_NOT_COMPAT + char *type = tmp->sml_desc.ad_cname->bv_val; +#else + char *type = tmp->sml_type; +#endif Debug( LDAP_DEBUG_ARGS, "\t%s: %s\n", - tmp->ml_op == LDAP_MOD_ADD - ? "add" : (tmp->ml_op == LDAP_MOD_DELETE - ? "delete" : "replace"), tmp->ml_type, 0 ); + tmp->sml_op == LDAP_MOD_ADD + ? "add" : (tmp->sml_op == LDAP_MOD_DELETE + ? "delete" : "replace"), type, 0 ); } -#endif #endif - if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) { - Debug( LDAP_DEBUG_ANY, "do_modify: get_ctrls failed\n", 0, 0, 0 ); - goto cleanup; - } + Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d MOD dn=\"%s\"\n", op->o_connid, op->o_opid, dn, 0, 0 ); @@ -228,7 +234,7 @@ do_modify( if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED && global_lastmod == ON)) && be->be_update_ndn == NULL ) { - rc = add_modified_attrs( op, &modlist ); + rc = add_modified_attrs( op, &mods ); if( rc != LDAP_SUCCESS ) { send_ldap_result( conn, op, rc, @@ -238,14 +244,14 @@ do_modify( } } - if ( (*be->be_modify)( be, conn, op, dn, ndn, modlist ) == 0 + if ( (*be->be_modify)( be, conn, op, dn, ndn, mods ) == 0 #ifdef SLAPD_MULTIMASTER && ( be->be_update_ndn == NULL || strcmp( be->be_update_ndn, op->o_ndn ) != 0 ) #endif ) { /* but we log only the ones not from a replicator user */ - replog( be, op, dn, modlist ); + replog( be, op, dn, mods ); } #ifndef SLAPD_MULTIMASTER @@ -293,7 +299,7 @@ add_modified_attrs( Operation *op, Modifications **modlist ) } if ( op->o_dn == NULL || op->o_dn[0] == '\0' ) { - bv.bv_val = "NULLDN"; + bv.bv_val = ""; bv.bv_len = strlen( bv.bv_val ); } else { bv.bv_val = op->o_dn; @@ -329,14 +335,11 @@ add_modified_attrs( Operation *op, Modifications **modlist ) static void modlist_free( - Modifications *ml + LDAPModList *ml ) { - Modifications *next; + LDAPModList *next; -#ifdef SLAPD_SCHEMA_NOT_COMPAT - /* not yet implemented */ -#else for ( ; ml != NULL; ml = next ) { next = ml->ml_next; @@ -348,5 +351,4 @@ modlist_free( free( ml ); } -#endif } diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index 0e2973cb3c..909eecbfcb 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -39,7 +39,7 @@ LIBSLAPD_F (int) ad_inlist LDAP_P(( #if SLAPD_SCHEMA_NOT_COMPAT LIBSLAPD_F (int) access_allowed LDAP_P(( Backend *be, Connection *conn, Operation *op, - Entry *e, AttributeDescription *type, struct berval *val, + Entry *e, AttributeDescription *desc, struct berval *val, slap_access_t access )); #else LIBSLAPD_F (int) access_allowed LDAP_P(( diff --git a/servers/slapd/repl.c b/servers/slapd/repl.c index 273286acbe..119c014061 100644 --- a/servers/slapd/repl.c +++ b/servers/slapd/repl.c @@ -57,38 +57,38 @@ replog( case LDAP_REQ_MODIFY: fprintf( fp, "changetype: modify\n" ); ml = change; - for ( ; ml != NULL; ml = ml->ml_next ) { + for ( ; ml != NULL; ml = ml->sml_next ) { #ifdef SLAPD_SCHEMA_NOT_COMPAT /* not yet implemented */ #else - switch ( ml->ml_op ) { + switch ( ml->sml_op ) { case LDAP_MOD_ADD: - fprintf( fp, "add: %s\n", ml->ml_type ); + fprintf( fp, "add: %s\n", ml->sml_type ); break; case LDAP_MOD_DELETE: - fprintf( fp, "delete: %s\n", ml->ml_type ); + fprintf( fp, "delete: %s\n", ml->sml_type ); break; case LDAP_MOD_REPLACE: - fprintf( fp, "replace: %s\n", ml->ml_type ); + fprintf( fp, "replace: %s\n", ml->sml_type ); break; } - for ( i = 0; ml->ml_bvalues != NULL && - ml->ml_bvalues[i] != NULL; i++ ) { + for ( i = 0; ml->sml_bvalues != NULL && + ml->sml_bvalues[i] != NULL; i++ ) { char *buf, *bufp; - len = strlen( ml->ml_type ); + len = strlen( ml->sml_type ); len = LDIF_SIZE_NEEDED( len, - ml->ml_bvalues[i]->bv_len ) + 1; + ml->sml_bvalues[i]->bv_len ) + 1; buf = (char *) ch_malloc( len ); bufp = buf; ldif_sput( &bufp, LDIF_PUT_VALUE, - ml->ml_type, - ml->ml_bvalues[i]->bv_val, - ml->ml_bvalues[i]->bv_len ); + ml->sml_type, + ml->sml_bvalues[i]->bv_val, + ml->sml_bvalues[i]->bv_len ); *bufp = '\0'; fputs( buf, fp ); diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 2768528086..cc4e9e8cf8 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -481,19 +481,38 @@ typedef struct slap_mod { #endif typedef struct slap_mod_list { - Modification ml_mod; + Modification sml_mod; #ifdef SLAPD_SCHEMA_NOT_COMPAT -#define ml_op ml_mod.sm_op -#define ml_desc ml_mod.sm_desc -#define ml_bvalues ml_mod.sm_bvalues +#define sml_op sml_mod.sm_op +#define sml_desc sml_mod.sm_desc +#define sml_bvalues sml_mod.sm_bvalues #else +#define sml_op sml_mod.mod_op +#define sml_type sml_mod.mod_type +#define sml_values sml_mod.mod_values +#define sml_bvalues sml_mod.mod_bvalues +#endif + struct slap_mod_list *sml_next; +} Modifications; + +#ifdef SLAPD_SCHEMA_NOT_COMPAT +typedef struct slap_ldap_modlist { + LDAPMod ml_mod; + struct slap_ldap_modlist *ml_next; #define ml_op ml_mod.mod_op #define ml_type ml_mod.mod_type #define ml_values ml_mod.mod_values #define ml_bvalues ml_mod.mod_bvalues +} LDAPModList; +#else +#define LDAPModList Modifications +#define ml_mod sml_mod +#define ml_op sml_mod.mod_op +#define ml_type sml_mod.mod_type +#define ml_values sml_mod.mod_values +#define ml_bvalues sml_mod.mod_bvalues +#define ml_next sml_next #endif - struct slap_mod_list *ml_next; -} Modifications; /* * represents an access control list -- 2.39.5