From cfa450d078d2595b01b2d2a83555932dc788ad1c Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Mon, 28 Dec 1998 23:43:04 +0000 Subject: [PATCH] Fix schema check bug... actually charray needs to dup strings on add/merge as we now free strings agressively. Improved debug message to include name of missing required attribute and added check for 'operational attributes'. This check should be used everywhere we need to test for operational attributes (add/modify). Also, enabled schema checking for tests (and fixed resulting problems by adjusting oc.conf). --- include/portable.h.in | 44 ++++++++++++++---------------------- servers/slapd/charray.c | 4 ++-- servers/slapd/schema.c | 36 ++++++++++++++++++++++------- tests/data/slapd-master.conf | 2 +- tests/data/slapd.oc.conf | 16 +++++++------ 5 files changed, 57 insertions(+), 45 deletions(-) diff --git a/include/portable.h.in b/include/portable.h.in index 947ae29bd5..93e1f80819 100644 --- a/include/portable.h.in +++ b/include/portable.h.in @@ -1,33 +1,14 @@ /* include/portable.h.in. Generated automatically from configure.in by autoheader. */ /* portable.h.top begin */ /* -Copyright 1998 The OpenLDAP Foundation, Redwood City, California, USA -All rights reserved. - -Redistribution and use in source and binary forms are permitted only -as authorized by the OpenLDAP Public License. A copy of this -license is available at http://www.OpenLDAP.org/license.html or -in file LICENSE in the top-level directory of the distribution. - -This work is derived from the University of Michigan LDAP v3.3 -distribution. Information concerning is available at - http://www.umich.edu/~dirsvcs/ldap/ldap.html. - -This work also contains materials derived from public sources. - ---- - -Portions Copyright (c) 1992-1996 Regents of the University of Michigan. -All rights reserved. - -Redistribution and use in source and binary forms are permitted -provided that this notice is preserved and that due credit is given -to the University of Michigan at Ann Arbor. The name of the University -may not be used to endorse or promote products derived from this -software without specific prior written permission. This software -is provided ``as is'' without express or implied warranty. - -*/ + * Copyright 1998,1999 The OpenLDAP Foundation, Redwood City, California, USA + * All rights reserved. + * + * Redistribution and use in source and binary forms are permitted only + * as authorized by the OpenLDAP Public License. A copy of this + * license is available at http://www.OpenLDAP.org/license.html or + * in file LICENSE in the top-level directory of the distribution. + */ #ifndef _LDAP_PORTABLE_H #define _LDAP_PORTABLE_H @@ -611,6 +592,15 @@ is provided ``as is'' without express or implied warranty. /* Define if you have the socket library (-lsocket). */ #undef HAVE_LIBSOCKET /* portable.h.bot begin */ +/* + * Copyright 1998,1999 The OpenLDAP Foundation, Redwood City, California, USA + * All rights reserved. + * + * Redistribution and use in source and binary forms are permitted only + * as authorized by the OpenLDAP Public License. A copy of this + * license is available at http://www.OpenLDAP.org/license.html or + * in file LICENSE in the top-level directory of the distribution. + */ #ifdef HAVE_STDDEF_H # include diff --git a/servers/slapd/charray.c b/servers/slapd/charray.c index 26a669cd60..c2eb56ceaa 100644 --- a/servers/slapd/charray.c +++ b/servers/slapd/charray.c @@ -29,7 +29,7 @@ charray_add( (n + 2) * sizeof(char *) ); } - (*a)[n++] = s; + (*a)[n++] = ch_strdup(s); (*a)[n] = NULL; } @@ -51,7 +51,7 @@ charray_merge( *a = (char **) ch_realloc( (char *) *a, (n + nn + 1) * sizeof(char *) ); for ( i = 0; i < nn; i++ ) { - (*a)[n + i] = s[i]; + (*a)[n + i] = ch_strdup(s[i]); } (*a)[n + nn] = NULL; } diff --git a/servers/slapd/schema.c b/servers/slapd/schema.c index 05dbd55777..f4fab6022c 100644 --- a/servers/slapd/schema.c +++ b/servers/slapd/schema.c @@ -10,7 +10,7 @@ #include "slap.h" static struct objclass *oc_find(char *ocname); -static int oc_check_required(Entry *e, char *ocname); +static char * oc_check_required(Entry *e, char *ocname); static int oc_check_allowed(char *type, struct berval **ocl); /* @@ -35,10 +35,12 @@ oc_schema_check( Entry *e ) /* check that the entry has required attrs for each oc */ for ( i = 0; aoc->a_vals[i] != NULL; i++ ) { - if ( oc_check_required( e, aoc->a_vals[i]->bv_val ) != 0 ) { + char *s = oc_check_required( e, aoc->a_vals[i]->bv_val ); + + if (s != NULL) { Debug( LDAP_DEBUG_ANY, - "Entry (%s), required attr (%s) missing\n", - e->e_dn, aoc->a_vals[i]->bv_val, 0 ); + "Entry (%s), oc \"%s\" requires attr \"%s\"\n", + e->e_dn, aoc->a_vals[i]->bv_val, s ); ret = 1; } } @@ -51,7 +53,7 @@ oc_schema_check( Entry *e ) for ( a = e->e_attrs; a != NULL; a = a->a_next ) { if ( oc_check_allowed( a->a_type, aoc->a_vals ) != 0 ) { Debug( LDAP_DEBUG_ANY, - "Entry (%s), attr (%s) not allowed\n", + "Entry (%s), attr \"%s\" not allowed\n", e->e_dn, a->a_type, 0 ); ret = 1; } @@ -60,7 +62,7 @@ oc_schema_check( Entry *e ) return( ret ); } -static int +static char * oc_check_required( Entry *e, char *ocname ) { struct objclass *oc; @@ -89,11 +91,25 @@ oc_check_required( Entry *e, char *ocname ) /* not there => schema violation */ if ( a == NULL ) { - return( 1 ); + return oc->oc_required[i]; } } - return( 0 ); + return( NULL ); +} + +/* + * check to see if attribute is 'operational' or not. + * this function should be externalized... + */ +static int +oc_check_operational( char *type ) +{ + return ( strcasecmp( type, "modifiersname" ) == 0 || + strcasecmp( type, "modifytimestamp" ) == 0 || + strcasecmp( type, "creatorsname" ) == 0 || + strcasecmp( type, "createtimestamp" ) == 0 ) + ? 1 : 0; } static int @@ -107,6 +123,10 @@ oc_check_allowed( char *type, struct berval **ocl ) return( 0 ); } + if ( oc_check_operational( type ) ) { + return( 0 ); + } + /* check that the type appears as req or opt in at least one oc */ for ( i = 0; ocl[i] != NULL; i++ ) { /* if we know about the oc */ diff --git a/tests/data/slapd-master.conf b/tests/data/slapd-master.conf index 59657b7444..74ce2d19b0 100644 --- a/tests/data/slapd-master.conf +++ b/tests/data/slapd-master.conf @@ -3,7 +3,7 @@ # include ./data/slapd.at.conf include ./data/slapd.oc.conf -schemacheck off +schemacheck on ####################################################################### # ldbm database definitions diff --git a/tests/data/slapd.oc.conf b/tests/data/slapd.oc.conf index 94f2349ba5..02e3b2bdb1 100644 --- a/tests/data/slapd.oc.conf +++ b/tests/data/slapd.oc.conf @@ -83,18 +83,17 @@ objectclass organizationalUnit objectclass person requires objectClass, - sn, cn allows description, seeAlso, + sn, telephoneNumber, userPassword objectclass organizationalPerson requires objectClass, - sn, cn allows description, @@ -110,6 +109,7 @@ objectclass organizationalPerson preferredDeliveryMethod, registeredAddress, seeAlso, + sn, st, streetAddress, telephoneNumber, @@ -161,7 +161,6 @@ objectclass groupOfNames objectclass residentialPerson requires objectClass, - sn, cn, l allows @@ -178,6 +177,7 @@ objectclass residentialPerson preferredDeliveryMethod, registeredAddress, seeAlso, + sn, st, streetAddress, telephoneNumber, @@ -261,7 +261,6 @@ objectclass pilotObject objectclass newPilotPerson requires objectClass, - sn, cn allows businessCategory, @@ -270,6 +269,8 @@ objectclass newPilotPerson homePhone, homePostalAddress, janetMailbox, + lastModifiedBy, + lastModifiedTime, mail, mailPreferenceOption, mobile, @@ -282,6 +283,7 @@ objectclass newPilotPerson roomNumber, secretary, seeAlso, + sn, telephoneNumber, textEncodedORaddress, uid, @@ -663,9 +665,7 @@ objectclass kerberosSecurityObject objectclass umichPerson requires objectClass, - sn, - cn, - universityID + cn allows affiliationCode, audio, @@ -714,6 +714,7 @@ objectclass umichPerson roomNumber, secretary, seeAlso, + sn, st, streetAddress, telephoneNumber, @@ -722,6 +723,7 @@ objectclass umichPerson textEncodedORaddress, title, uid, + universityID, updateSource, userCertificate, userClass, -- 2.39.5