int boi_acl_cache;
};
-#define DB_OPEN(db, file, name, type, flags, mode) \
+#define DB_OPEN(db, txn, file, name, type, flags, mode) \
(db)->open(db, file, name, type, flags, mode)
#if DB_VERSION_MAJOR < 4
/* BDB 4.1.17 adds txn arg to db->open */
#if DB_VERSION_MINOR > 1 || DB_VERSION_PATCH >= 17
#undef DB_OPEN
-#define DB_OPEN(db, file, name, type, flags, mode) \
- (db)->open(db, NULL, file, name, type, (flags)|DB_AUTO_COMMIT, mode)
+#define DB_OPEN(db, txn, file, name, type, flags, mode) \
+ (db)->open(db, txn, file, name, type, flags, mode)
#endif
#define BDB_REUSE_LOCKERS
int
bdb_db_cache(
Backend *be,
+ DB_TXN *tid,
const char *name,
DB **dbout )
{
int i;
int rc;
+ int flags;
struct bdb_info *bdb = (struct bdb_info *) be->be_private;
struct bdb_db_info *db;
char *file;
#ifdef HAVE_EBCDIC
__atoe( file );
#endif
- rc = DB_OPEN( db->bdi_db,
+ flags = bdb->bi_db_opflags | DB_CREATE | DB_THREAD;
+ if ( !tid ) flags |= DB_AUTO_COMMIT;
+ rc = DB_OPEN( db->bdi_db, tid,
file, name,
- DB_HASH, bdb->bi_db_opflags | DB_CREATE | DB_THREAD,
+ DB_HASH, flags,
bdb->bi_dbenv_mode );
ch_free( file );
struct berval bv;
int rc;
#ifdef BDB_HIER
- char *odn, *ondn;
+ struct berval odn, ondn;
/* We only store rdns, and they go in the id2parent database. */
- odn = e->e_dn; ondn = e->e_ndn;
+ odn = e->e_name; ondn = e->e_nname;
- e->e_dn = ""; e->e_ndn = "";
+ e->e_name = slap_empty_bv;
+ e->e_nname = slap_empty_bv;
#endif
DBTzero( &key );
key.data = (char *) &e->e_id;
rc = entry_encode( e, &bv );
#ifdef BDB_HIER
- e->e_dn = odn; e->e_ndn = ondn;
+ e->e_name = odn; e->e_nname = ondn;
#endif
if( rc != LDAP_SUCCESS ) {
return -1;
return LDAP_INAPPROPRIATE_MATCHING;
}
- rc = bdb_db_cache( be, dbname, &db );
+ rc = bdb_db_cache( be, NULL, dbname, &db );
if( rc != LDAP_SUCCESS ) {
return rc;
assert( mask );
- rc = bdb_db_cache( be, dbname, &db );
+ rc = bdb_db_cache( be, txn, dbname, &db );
if ( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
#ifdef HAVE_EBCDIC
strcpy( path, bdbi_databases[i].file );
__atoe( path );
- rc = DB_OPEN( db->bdi_db,
+ rc = DB_OPEN( db->bdi_db, NULL,
path,
/* bdbi_databases[i].name, */ NULL,
bdbi_databases[i].type,
- bdbi_databases[i].flags | flags,
+ bdbi_databases[i].flags | flags | DB_AUTO_COMMIT,
bdb->bi_dbenv_mode );
#else
- rc = DB_OPEN( db->bdi_db,
+ rc = DB_OPEN( db->bdi_db, NULL,
bdbi_databases[i].file,
/* bdbi_databases[i].name, */ NULL,
bdbi_databases[i].type,
- bdbi_databases[i].flags | flags,
+ bdbi_databases[i].flags | flags | DB_AUTO_COMMIT,
bdb->bi_dbenv_mode );
#endif
struct berval id = { 0, NULL };
struct berval new = { 0, NULL };
- struct berval dn;
- struct berval ndn;
+ struct berval dn = { 0, NULL };
+ struct berval ndn = { 0, NULL };
u_int32_t locker = 0;
DB_LOCK lock;
free( hash.bv_val );
}
+ if( ndn.bv_val != NULL ) {
+ free( ndn.bv_val );
+ }
+
if( ltid != NULL ) {
TXN_ABORT( ltid );
op->o_private = NULL;
int
bdb_db_cache(
Backend *be,
+ DB_TXN *tid,
const char *name,
DB **db );
scope, deref, candidates );
}
- /* need normalized dn below */
- ber_dupbv( &realbase, &e->e_nname );
-
/* start cursor at beginning of candidates.
*/
cursor = 0;
+ /* need normalized dn below */
+ ber_dupbv( &realbase, &e->e_nname );
+
if ( e != &slap_entry_root ) {
bdb_cache_return_entry_r(bdb->bi_dbenv, &bdb->bi_cache, e, &lock);
}
struct berval id = { 0, NULL };
struct berval new = { 0, NULL };
- struct berval dn;
- struct berval ndn;
+ struct berval dn = { 0, NULL };
+ struct berval ndn = { 0, NULL };
assert( reqoid != NULL );
assert( strcmp( LDAP_EXOP_MODIFY_PASSWD, reqoid ) == 0 );
ava->la_attr = ad->ad_cname;
if( ava->la_flags & LDAP_AVA_BINARY ) {
+ if( ava->la_value.bv_len == 0 ) {
+ /* BER encoding is empty */
+ return LDAP_INVALID_SYNTAX;
+ }
+
/* AVA is binary encoded, don't muck with it */
validf = NULL;
transf = NULL;
entry_putlen(&ptr, i);
for (i=0; a->a_vals[i].bv_val; i++) {
entry_putlen(&ptr, a->a_vals[i].bv_len);
- memcpy(ptr, a->a_vals[i].bv_val,
+ AC_MEMCPY(ptr, a->a_vals[i].bv_val,
a->a_vals[i].bv_len);
ptr += a->a_vals[i].bv_len;
*ptr++ = '\0';
/* Retrieve an Entry that was stored using entry_encode above.
* We malloc a single block with the size stored above for the Entry
- * and all if its Attributes. We also must lookup the stored
+ * and all of its Attributes. We also must lookup the stored
* attribute names to get AttributeDescriptions. To detect if the
* attributes of an Entry are later modified, we note that e->e_attr
* is always a constant offset from (e).
}
a = attr_find( e->e_attrs, ad );
if ( !a ) continue;
- if ( ! access_allowed( be, conn, op, e, ad, NULL, ACL_AUTH, NULL ) )
+ if ( ! access_allowed( be, conn, op, e, ad, NULL, ACL_AUTH, NULL ) ) {
continue;
- if ( sl->list[i].values && ( sl->flags & SASL_AUXPROP_OVERRIDE ) )
- sl->sparams->utils->prop_erase( sl->sparams->propctx, sl->list[i].name );
+ }
+ if ( sl->list[i].values && ( sl->flags & SASL_AUXPROP_OVERRIDE ) ) {
+ sl->sparams->utils->prop_erase( sl->sparams->propctx,
+ sl->list[i].name );
+ }
for ( bv = a->a_vals; bv->bv_val; bv++ ) {
- sl->sparams->utils->prop_set( sl->sparams->propctx, sl->list[i].name,
- bv->bv_val, bv->bv_len );
+ sl->sparams->utils->prop_set( sl->sparams->propctx,
+ sl->list[i].name, bv->bv_val, bv->bv_len );
}
}
return LDAP_SUCCESS;
snprintf( textbuf, textlen,
"naming attribute '%s' is not present in entry",
ava->la_attr.bv_val );
- rc = LDAP_NO_SUCH_ATTRIBUTE;
+ rc = LDAP_NAMING_VIOLATION;
break;
}
+
+ if( ava->la_flags & LDAP_AVA_BINARY ) {
+ snprintf( textbuf, textlen,
+ "value of naming attribute '%s' in unsupported BER form",
+ ava->la_attr.bv_val );
+ rc = LDAP_NAMING_VIOLATION;
+ }
+
if ( value_find( desc, attr->a_vals, &ava->la_value ) != 0 ) {
snprintf( textbuf, textlen,
"value of naming attribute '%s' is not present in entry",
ava->la_attr.bv_val );
- rc = LDAP_NO_SUCH_ATTRIBUTE;
+ rc = LDAP_NAMING_VIOLATION;
break;
}
}
# Use of strong authentication encouraged.
rootpw secret
# The database directory MUST exist prior to running slapd AND
-# should only be accessible by the slapd/tools. Mode 700 recommended.
+# should only be accessible by the slapd and slap tools.
+# Mode 700 recommended.
directory %LOCALSTATEDIR%/openldap-data
# Indices to maintain
index objectClass eq
projects / openldap / commitdiff