Commit 772cd267 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

ITS#5921

parent 9fd6dd57
...@@ -21,6 +21,7 @@ OpenLDAP 2.4.14 Engineering ...@@ -21,6 +21,7 @@ OpenLDAP 2.4.14 Engineering
Fixed slapd connection assert (ITS#5835) Fixed slapd connection assert (ITS#5835)
Fixed slapd epoll handling (ITS#5886) Fixed slapd epoll handling (ITS#5886)
Fixed slapd frontend/backend options handling (ITS#5857) Fixed slapd frontend/backend options handling (ITS#5857)
Fixed slapd manageDSAit with glue entries (ITS#5921)
Fixed slapd syncrepl rename handling (ITS#5809) Fixed slapd syncrepl rename handling (ITS#5809)
Fixed slapd syncrepl MMR when adding new server (ITS#5850) Fixed slapd syncrepl MMR when adding new server (ITS#5850)
Fixed slapd syncrepl MMR with deleted entries (ITS#5843) Fixed slapd syncrepl MMR with deleted entries (ITS#5843)
......
...@@ -94,7 +94,7 @@ txnReturn: ...@@ -94,7 +94,7 @@ txnReturn:
/* check entry's schema */ /* check entry's schema */
rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL, rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL,
get_relax(op), 1, &rs->sr_text, textbuf, textlen ); get_relax(op), 1, NULL, &rs->sr_text, textbuf, textlen );
if ( rs->sr_err != LDAP_SUCCESS ) { if ( rs->sr_err != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, Debug( LDAP_DEBUG_TRACE,
LDAP_XSTRING(bdb_add) ": entry failed schema check: " LDAP_XSTRING(bdb_add) ": entry failed schema check: "
......
...@@ -27,6 +27,44 @@ static struct berval scbva[] = { ...@@ -27,6 +27,44 @@ static struct berval scbva[] = {
BER_BVNULL BER_BVNULL
}; };
static void
bdb_modify_idxflags(
Operation *op,
AttributeDescription *desc,
int got_delete,
Attribute *newattrs,
Attribute *oldattrs )
{
struct berval ix_at;
AttrInfo *ai;
/* check if modified attribute was indexed
* but not in case of NOOP... */
ai = bdb_index_mask( op->o_bd, desc, &ix_at );
if ( ai ) {
if ( got_delete ) {
Attribute *ap;
struct berval ix2;
ap = attr_find( oldattrs, desc );
if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL;
/* Find all other attrs that index to same slot */
for ( ap = newattrs; ap; ap = ap->a_next ) {
ai = bdb_index_mask( op->o_bd, ap->a_desc, &ix2 );
if ( ai && ix2.bv_val == ix_at.bv_val )
ap->a_flags |= SLAP_ATTR_IXADD;
}
} else {
Attribute *ap;
ap = attr_find( newattrs, desc );
if ( ap ) ap->a_flags |= SLAP_ATTR_IXADD;
}
}
}
int bdb_modify_internal( int bdb_modify_internal(
Operation *op, Operation *op,
DB_TXN *tid, DB_TXN *tid,
...@@ -43,7 +81,6 @@ int bdb_modify_internal( ...@@ -43,7 +81,6 @@ int bdb_modify_internal(
Attribute *ap; Attribute *ap;
int glue_attr_delete = 0; int glue_attr_delete = 0;
int got_delete; int got_delete;
AttrInfo *ai;
Debug( LDAP_DEBUG_TRACE, "bdb_modify_internal: 0x%08lx: %s\n", Debug( LDAP_DEBUG_TRACE, "bdb_modify_internal: 0x%08lx: %s\n",
e->e_id, e->e_dn, 0); e->e_id, e->e_dn, 0);
...@@ -89,7 +126,6 @@ int bdb_modify_internal( ...@@ -89,7 +126,6 @@ int bdb_modify_internal(
} }
for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
struct berval ix_at;
mod = &ml->sml_mod; mod = &ml->sml_mod;
got_delete = 0; got_delete = 0;
...@@ -202,31 +238,17 @@ int bdb_modify_internal( ...@@ -202,31 +238,17 @@ int bdb_modify_internal(
if ( glue_attr_delete ) e->e_ocflags = 0; if ( glue_attr_delete ) e->e_ocflags = 0;
/* check if modified attribute was indexed /* check if modified attribute was indexed
* but not in case of NOOP... */ * but not in case of NOOP... */
ai = bdb_index_mask( op->o_bd, mod->sm_desc, &ix_at ); if ( !op->o_noop ) {
if ( ai && !op->o_noop ) { bdb_modify_idxflags( op, mod->sm_desc, got_delete, e->e_attrs, save_attrs );
if ( got_delete ) {
struct berval ix2;
ap = attr_find( save_attrs, mod->sm_desc );
if ( ap ) ap->a_flags |= SLAP_ATTR_IXDEL;
/* Find all other attrs that index to same slot */
for ( ap = e->e_attrs; ap; ap=ap->a_next ) {
ai = bdb_index_mask( op->o_bd, ap->a_desc, &ix2 );
if ( ai && ix2.bv_val == ix_at.bv_val )
ap->a_flags |= SLAP_ATTR_IXADD;
}
} else {
ap = attr_find( e->e_attrs, mod->sm_desc );
if ( ap ) ap->a_flags |= SLAP_ATTR_IXADD;
}
} }
} }
/* check that the entry still obeys the schema */ /* check that the entry still obeys the schema */
rc = entry_schema_check( op, e, save_attrs, get_relax(op), 0, ap = NULL;
rc = entry_schema_check( op, e, save_attrs, get_relax(op), 0, &ap,
text, textbuf, textlen ); text, textbuf, textlen );
if ( rc != LDAP_SUCCESS || op->o_noop ) { if ( rc != LDAP_SUCCESS || op->o_noop ) {
attrs_free( e->e_attrs ); attrs_free( e->e_attrs );
...@@ -246,6 +268,15 @@ int bdb_modify_internal( ...@@ -246,6 +268,15 @@ int bdb_modify_internal(
return rc; return rc;
} }
/* structuralObjectClass modified! */
if ( ap ) {
assert( ap->a_desc == slap_schema.si_ad_structuralObjectClass );
if ( !op->o_noop ) {
bdb_modify_idxflags( op, slap_schema.si_ad_structuralObjectClass,
1, e->e_attrs, save_attrs );
}
}
/* update the indices of the modified attributes */ /* update the indices of the modified attributes */
/* start with deleting the old index entries */ /* start with deleting the old index entries */
......
...@@ -1065,7 +1065,7 @@ apply_modify_to_entry( ...@@ -1065,7 +1065,7 @@ apply_modify_to_entry(
entry->e_ocflags = 0; entry->e_ocflags = 0;
} }
/* check that the entry still obeys the schema */ /* check that the entry still obeys the schema */
rc = entry_schema_check( op, entry, NULL, 0, 0, rc = entry_schema_check( op, entry, NULL, 0, 0, NULL,
&rs->sr_text, textbuf, sizeof( textbuf ) ); &rs->sr_text, textbuf, sizeof( textbuf ) );
} }
...@@ -1230,7 +1230,7 @@ ldif_back_add( Operation *op, SlapReply *rs ) ...@@ -1230,7 +1230,7 @@ ldif_back_add( Operation *op, SlapReply *rs )
Debug( LDAP_DEBUG_TRACE, "ldif_back_add: \"%s\"\n", e->e_dn, 0, 0 ); Debug( LDAP_DEBUG_TRACE, "ldif_back_add: \"%s\"\n", e->e_dn, 0, 0 );
rc = entry_schema_check( op, e, NULL, 0, 1, rc = entry_schema_check( op, e, NULL, 0, 1, NULL,
&rs->sr_text, textbuf, sizeof( textbuf ) ); &rs->sr_text, textbuf, sizeof( textbuf ) );
if ( rc != LDAP_SUCCESS ) if ( rc != LDAP_SUCCESS )
goto send_res; goto send_res;
......
...@@ -181,7 +181,7 @@ monitor_subsys_log_modify( ...@@ -181,7 +181,7 @@ monitor_subsys_log_modify(
} }
/* check that the entry still obeys the schema */ /* check that the entry still obeys the schema */
rc = entry_schema_check( op, e, save_attrs, 0, 0, rc = entry_schema_check( op, e, save_attrs, 0, 0, NULL,
&text, textbuf, sizeof( textbuf ) ); &text, textbuf, sizeof( textbuf ) );
if ( rc != LDAP_SUCCESS ) { if ( rc != LDAP_SUCCESS ) {
rs->sr_err = rc; rs->sr_err = rc;
......
...@@ -54,7 +54,7 @@ ndb_back_add(Operation *op, SlapReply *rs ) ...@@ -54,7 +54,7 @@ ndb_back_add(Operation *op, SlapReply *rs )
/* check entry's schema */ /* check entry's schema */
rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL, rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL,
get_relax(op), 1, &rs->sr_text, textbuf, textlen ); get_relax(op), 1, NULL, &rs->sr_text, textbuf, textlen );
if ( rs->sr_err != LDAP_SUCCESS ) { if ( rs->sr_err != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, Debug( LDAP_DEBUG_TRACE,
LDAP_XSTRING(ndb_back_add) ": entry failed schema check: " LDAP_XSTRING(ndb_back_add) ": entry failed schema check: "
......
...@@ -322,7 +322,7 @@ int ndb_modify_internal( ...@@ -322,7 +322,7 @@ int ndb_modify_internal(
} }
/* check that the entry still obeys the schema */ /* check that the entry still obeys the schema */
rc = entry_schema_check( op, NA->e, NULL, get_relax(op), 0, rc = entry_schema_check( op, NA->e, NULL, get_relax(op), 0, NULL,
text, textbuf, textlen ); text, textbuf, textlen );
if ( rc != LDAP_SUCCESS || op->o_noop ) { if ( rc != LDAP_SUCCESS || op->o_noop ) {
if ( rc != LDAP_SUCCESS ) { if ( rc != LDAP_SUCCESS ) {
......
...@@ -962,7 +962,7 @@ backsql_add( Operation *op, SlapReply *rs ) ...@@ -962,7 +962,7 @@ backsql_add( Operation *op, SlapReply *rs )
if ( BACKSQL_CHECK_SCHEMA( bi ) ) { if ( BACKSQL_CHECK_SCHEMA( bi ) ) {
char textbuf[ SLAP_TEXT_BUFLEN ] = { '\0' }; char textbuf[ SLAP_TEXT_BUFLEN ] = { '\0' };
rs->sr_err = entry_schema_check( op, op->ora_e, NULL, 0, 1, rs->sr_err = entry_schema_check( op, op->ora_e, NULL, 0, 1, NULL,
&rs->sr_text, textbuf, sizeof( textbuf ) ); &rs->sr_text, textbuf, sizeof( textbuf ) );
if ( rs->sr_err != LDAP_SUCCESS ) { if ( rs->sr_err != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, " backsql_add(\"%s\"): " Debug( LDAP_DEBUG_TRACE, " backsql_add(\"%s\"): "
......
...@@ -152,7 +152,7 @@ backsql_modify( Operation *op, SlapReply *rs ) ...@@ -152,7 +152,7 @@ backsql_modify( Operation *op, SlapReply *rs )
goto do_transact; goto do_transact;
} }
rs->sr_err = entry_schema_check( op, &m, NULL, 0, 0, rs->sr_err = entry_schema_check( op, &m, NULL, 0, 0, NULL,
&rs->sr_text, textbuf, sizeof( textbuf ) ); &rs->sr_text, textbuf, sizeof( textbuf ) );
if ( rs->sr_err != LDAP_SUCCESS ) { if ( rs->sr_err != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, " backsql_modify(\"%s\"): " Debug( LDAP_DEBUG_TRACE, " backsql_modify(\"%s\"): "
......
...@@ -455,7 +455,7 @@ backsql_modrdn( Operation *op, SlapReply *rs ) ...@@ -455,7 +455,7 @@ backsql_modrdn( Operation *op, SlapReply *rs )
e_id = bsi.bsi_base_id; e_id = bsi.bsi_base_id;
rs->sr_err = entry_schema_check( op, &r, NULL, 0, 0, rs->sr_err = entry_schema_check( op, &r, NULL, 0, 0, NULL,
&rs->sr_text, textbuf, sizeof( textbuf ) ); &rs->sr_text, textbuf, sizeof( textbuf ) );
if ( rs->sr_err != LDAP_SUCCESS ) { if ( rs->sr_err != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(\"%s\"): " Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(\"%s\"): "
......
...@@ -4695,7 +4695,7 @@ config_back_add( Operation *op, SlapReply *rs ) ...@@ -4695,7 +4695,7 @@ config_back_add( Operation *op, SlapReply *rs )
{ {
char textbuf[SLAP_TEXT_BUFLEN]; char textbuf[SLAP_TEXT_BUFLEN];
size_t textlen = sizeof textbuf; size_t textlen = sizeof textbuf;
rs->sr_err = entry_schema_check(op, op->ora_e, NULL, 0, 1, rs->sr_err = entry_schema_check(op, op->ora_e, NULL, 0, 1, NULL,
&rs->sr_text, textbuf, sizeof( textbuf ) ); &rs->sr_text, textbuf, sizeof( textbuf ) );
if ( rs->sr_err != LDAP_SUCCESS ) if ( rs->sr_err != LDAP_SUCCESS )
goto out; goto out;
...@@ -4941,7 +4941,7 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs, ...@@ -4941,7 +4941,7 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
if ( rc == LDAP_SUCCESS) { if ( rc == LDAP_SUCCESS) {
/* check that the entry still obeys the schema */ /* check that the entry still obeys the schema */
rc = entry_schema_check(op, e, NULL, 0, 0, rc = entry_schema_check(op, e, NULL, 0, 0, NULL,
&rs->sr_text, ca->cr_msg, sizeof(ca->cr_msg) ); &rs->sr_text, ca->cr_msg, sizeof(ca->cr_msg) );
} }
if ( rc ) goto out_noop; if ( rc ) goto out_noop;
......
...@@ -1643,6 +1643,7 @@ LDAP_SLAPD_F( int ) entry_schema_check( ...@@ -1643,6 +1643,7 @@ LDAP_SLAPD_F( int ) entry_schema_check(
Attribute *attrs, Attribute *attrs,
int manage, int manage,
int add, int add,
Attribute **socp,
const char** text, const char** text,
char *textbuf, size_t textlen ); char *textbuf, size_t textlen );
......
...@@ -49,6 +49,7 @@ entry_schema_check( ...@@ -49,6 +49,7 @@ entry_schema_check(
Attribute *oldattrs, Attribute *oldattrs,
int manage, int manage,
int add, int add,
Attribute **socp,
const char** text, const char** text,
char *textbuf, size_t textlen ) char *textbuf, size_t textlen )
{ {
...@@ -212,15 +213,28 @@ got_soc: ...@@ -212,15 +213,28 @@ got_soc:
rc = LDAP_OBJECT_CLASS_VIOLATION; rc = LDAP_OBJECT_CLASS_VIOLATION;
goto done; goto done;
} else if ( sc != slap_schema.si_oc_glue && sc != oc ) { } else if ( sc != oc ) {
snprintf( textbuf, textlen, if ( !manage && sc != slap_schema.si_oc_glue ) {
"structural object class modification " snprintf( textbuf, textlen,
"from '%s' to '%s' not allowed", "structural object class modification "
asc->a_vals[0].bv_val, oc->soc_cname.bv_val ); "from '%s' to '%s' not allowed",
rc = LDAP_NO_OBJECT_CLASS_MODS; asc->a_vals[0].bv_val, oc->soc_cname.bv_val );
goto done; rc = LDAP_NO_OBJECT_CLASS_MODS;
} else if ( sc == slap_schema.si_oc_glue ) { goto done;
}
assert( asc->a_vals != NULL );
assert( !BER_BVISNULL( &asc->a_vals[0] ) );
assert( BER_BVISNULL( &asc->a_vals[1] ) );
assert( asc->a_nvals == asc->a_vals );
/* draft-zeilenga-ldap-relax: automatically modify
* structuralObjectClass if changed with relax */
sc = oc; sc = oc;
ber_bvreplace( &asc->a_vals[ 0 ], &sc->soc_cname );
if ( socp ) {
*socp = asc;
}
} }
/* naming check */ /* naming check */
......
...@@ -192,7 +192,7 @@ slapadd( int argc, char **argv ) ...@@ -192,7 +192,7 @@ slapadd( int argc, char **argv )
op->o_bd = be; op->o_bd = be;
if ( (slapMode & SLAP_TOOL_NO_SCHEMA_CHECK) == 0) { if ( (slapMode & SLAP_TOOL_NO_SCHEMA_CHECK) == 0) {
rc = entry_schema_check( op, e, NULL, manage, 1, rc = entry_schema_check( op, e, NULL, manage, 1, NULL,
&text, textbuf, textlen ); &text, textbuf, textlen );
if( rc != LDAP_SUCCESS ) { if( rc != LDAP_SUCCESS ) {
......
...@@ -3117,7 +3117,7 @@ int slapi_entry_schema_check( Slapi_PBlock *pb, Slapi_Entry *e ) ...@@ -3117,7 +3117,7 @@ int slapi_entry_schema_check( Slapi_PBlock *pb, Slapi_Entry *e )
pb->pb_op->o_bd = select_backend( &e->e_nname, 0 ); pb->pb_op->o_bd = select_backend( &e->e_nname, 0 );
if ( pb->pb_op->o_bd != NULL ) { if ( pb->pb_op->o_bd != NULL ) {
rc = entry_schema_check( pb->pb_op, e, NULL, 0, 0, rc = entry_schema_check( pb->pb_op, e, NULL, 0, 0, NULL,
&text, textbuf, textlen ); &text, textbuf, textlen );
} }
pb->pb_op->o_bd = be_orig; pb->pb_op->o_bd = be_orig;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment