ITS#5760

warnings fix

CHANGES

@@ -2,6 +2,7 @@ OpenLDAP 2.4 Change Log
 
 OpenLDAP 2.4.15 Engineering
 	Fixed slapd corrupt contextCSN (ITS#5947)
+	Fixed slapo-rwm objectClass preservation (ITS#5760)
 
 OpenLDAP 2.4.14 Release (2009/02/14)
 	Added libldap option to disable SASL host canonicalization (ITS#5812)

include/ldap.h

@@ -1345,6 +1345,22 @@ ldap_perror LDAP_P((	/* deprecated, use ldap_err2string */
 #endif
 
 
+/*
+ * gssapi.c:
+ */
+LDAP_F( int )
+ldap_gssapi_bind LDAP_P((
+	LDAP *ld,
+	LDAP_CONST char *dn,
+	LDAP_CONST char *creds ));
+
+LDAP_F( int )
+ldap_gssapi_bind_s LDAP_P((
+	LDAP *ld,
+	LDAP_CONST char *dn,
+	LDAP_CONST char *creds ));
+
+
 /*
  * in modify.c:
  */

include/ldap_pvt.h

@@ -286,6 +286,11 @@ LDAP_F (int) ldap_open_internal_connection LDAP_P((
 LDAP_F (int) ldap_init_fd LDAP_P((
 	ber_socket_t fd, int proto, LDAP_CONST char *url, struct ldap **ldp ));
 
+/* sasl.c */
+LDAP_F (int) ldap_pvt_sasl_generic_install LDAP_P(( Sockbuf *sb,
+	struct sb_sasl_generic_install *install_arg ));
+LDAP_F (void) ldap_pvt_sasl_generic_remove LDAP_P(( Sockbuf *sb ));
+
 /* search.c */
 LDAP_F( int ) ldap_pvt_put_filter LDAP_P((
 	BerElement *ber,

servers/slapd/ad.c

@@ -27,6 +27,10 @@
 #include "slap.h"
 #include "lutil.h"
 
+static struct berval bv_no_attrs = BER_BVC( LDAP_NO_ATTRS );
+static struct berval bv_all_user_attrs = BER_BVC( "*" );
+static struct berval bv_all_operational_attrs = BER_BVC( "+" );
+
 static AttributeName anlist_no_attrs[] = {
 	{ BER_BVC( LDAP_NO_ATTRS ), NULL, 0, NULL },
 	{ BER_BVNULL, NULL, 0, NULL }
@@ -53,6 +57,10 @@ AttributeName *slap_anlist_all_user_attributes = anlist_all_user_attributes;
 AttributeName *slap_anlist_all_operational_attributes = anlist_all_operational_attributes;
 AttributeName *slap_anlist_all_attributes = anlist_all_attributes;
 
+struct berval * slap_bv_no_attrs = &bv_no_attrs;
+struct berval * slap_bv_all_user_attrs = &bv_all_user_attrs;
+struct berval * slap_bv_all_operational_attrs = &bv_all_operational_attrs;
+
 typedef struct Attr_option {
 	struct berval name;	/* option name or prefix */
 	int           prefix;	/* NAME is a tag and range prefix */

servers/slapd/back-meta/back-meta.h

@@ -318,6 +318,8 @@ typedef struct metatarget_t {
 #define	META_BACK_TGT_NOREFS(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_NOREFS )
 #define	META_BACK_TGT_NOUNDEFFILTER(mt)		META_BACK_TGT_ISSET( (mt), LDAP_BACK_F_NOUNDEFFILTER )
 
+	slap_mask_t		mt_rep_flags;
+
 	int			mt_version;
 	time_t			mt_network_timeout;
 	struct timeval		mt_bind_timeout;

servers/slapd/back-meta/init.c

@@ -170,6 +170,8 @@ meta_back_db_open(
 		slap_bindconf	sb = { BER_BVNULL };
 		metatarget_t	*mt = mi->mi_targets[ i ];
 
+		struct berval mapped;
+
 		ber_str2bv( mt->mt_uri, 0, 0, &sb.sb_uri );
 		sb.sb_version = mt->mt_version;
 		sb.sb_method = LDAP_AUTH_SIMPLE;
@@ -224,6 +226,22 @@ meta_back_db_open(
 				not_always_anon_non_prescriptive = 1;
 			}
 		}
+
+		BER_BVZERO( &mapped );
+		ldap_back_map( &mt->mt_rwmap.rwm_at, 
+			&slap_schema.si_ad_entryDN->ad_cname, &mapped,
+			BACKLDAP_REMAP );
+		if ( BER_BVISNULL( &mapped ) || mapped.bv_val[0] == '\0' ) {
+			mt->mt_rep_flags |= REP_NO_ENTRYDN;
+		}
+
+		BER_BVZERO( &mapped );
+		ldap_back_map( &mt->mt_rwmap.rwm_at, 
+			&slap_schema.si_ad_subschemaSubentry->ad_cname, &mapped,
+			BACKLDAP_REMAP );
+		if ( BER_BVISNULL( &mapped ) || mapped.bv_val[0] == '\0' ) {
+			mt->mt_rep_flags |= REP_NO_SUBSCHEMA;
+		}
 	}
 
 	if ( not_always == 0 ) {

servers/slapd/back-meta/map.c

@@ -119,6 +119,15 @@ ldap_back_mapping ( struct ldapmap *map, struct berval *s, struct ldapmapping **
 
 	assert( m != NULL );
 
+	/* let special attrnames slip through (ITS#5760) */
+	if ( bvmatch( s, slap_bv_no_attrs )
+		|| bvmatch( s, slap_bv_all_user_attrs )
+		|| bvmatch( s, slap_bv_all_operational_attrs ) )
+	{
+		*m = NULL;
+		return 0;
+	}
+
 	if ( remap == BACKLDAP_REMAP ) {
 		tree = map->remap;
 
@@ -140,6 +149,7 @@ ldap_back_map ( struct ldapmap *map, struct berval *s, struct berval *bv,
 	int remap )
 {
 	struct ldapmapping *mapping;
+	int drop_missing;
 
 	/* map->map may be NULL when mapping is configured,
 	 * but map->remap can't */
@@ -149,7 +159,7 @@ ldap_back_map ( struct ldapmap *map, struct berval *s, struct berval *bv,
 	}
 
 	BER_BVZERO( bv );
-	( void )ldap_back_mapping( map, s, &mapping, remap );
+	drop_missing = ldap_back_mapping( map, s, &mapping, remap );
 	if ( mapping != NULL ) {
 		if ( !BER_BVISNULL( &mapping->dst ) ) {
 			*bv = mapping->dst;
@@ -157,7 +167,7 @@ ldap_back_map ( struct ldapmap *map, struct berval *s, struct berval *bv,
 		return;
 	}
 
-	if ( !map->drop_missing ) {
+	if ( !drop_missing ) {
 		*bv = *s;
 	}
 }

servers/slapd/back-meta/search.c

@@ -2147,7 +2147,7 @@ next_attr:;
 	rs->sr_entry = &ent;
 	rs->sr_attrs = op->ors_attrs;
 	rs->sr_operational_attrs = NULL;
-	rs->sr_flags = 0;
+	rs->sr_flags = mi->mi_targets[ target ]->mt_rep_flags;
 	rs->sr_err = LDAP_SUCCESS;
 	rc = send_search_entry( op, rs );
 	switch ( rc ) {

servers/slapd/back-sql/entry-id.c

@@ -1042,7 +1042,7 @@ next:;
 	}
 
 	if ( ( bsi->bsi_flags & BSQL_SF_ALL_OPER )
-			|| an_find( bsi->bsi_attrs, &AllOper )
+			|| an_find( bsi->bsi_attrs, slap_bv_all_operational_attrs )
 			|| an_find( bsi->bsi_attrs, &slap_schema.si_ad_structuralObjectClass->ad_cname ) )
 	{
 		ObjectClass	*soc = NULL;

servers/slapd/back-sql/search.c

@@ -184,7 +184,7 @@ backsql_init_search(
 			BER_BVZERO( &bsi->bsi_attrs[ 0 ].an_name );
 	
 			for ( p = attrs; !BER_BVISNULL( &p->an_name ); p++ ) {
-				if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
+				if ( BACKSQL_NCMP( &p->an_name, slap_bv_all_user_attrs ) == 0 ) {
 					/* handle "*" */
 					bsi->bsi_flags |= BSQL_SF_ALL_USER;
 
@@ -198,7 +198,7 @@ backsql_init_search(
 					}
 					continue;
 
-				} else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
+				} else if ( BACKSQL_NCMP( &p->an_name, slap_bv_all_operational_attrs ) == 0 ) {
 					/* handle "+" */
 					bsi->bsi_flags |= BSQL_SF_ALL_OPER;
 
@@ -212,7 +212,7 @@ backsql_init_search(
 					}
 					continue;
 
-				} else if ( BACKSQL_NCMP( &p->an_name, &NoAttrs ) == 0 ) {
+				} else if ( BACKSQL_NCMP( &p->an_name, slap_bv_no_attrs ) == 0 ) {
 					/* ignore "1.1" */
 					continue;
 
@@ -237,7 +237,7 @@ backsql_init_search(
 			
 			/* use hints if available */
 			for ( p = bi->sql_anlist; !BER_BVISNULL( &p->an_name ); p++ ) {
-				if ( BACKSQL_NCMP( &p->an_name, &AllUser ) == 0 ) {
+				if ( BACKSQL_NCMP( &p->an_name, slap_bv_all_user_attrs ) == 0 ) {
 					/* handle "*" */
 					bsi->bsi_flags |= BSQL_SF_ALL_USER;
 
@@ -251,7 +251,7 @@ backsql_init_search(
 					}
 					continue;
 
-				} else if ( BACKSQL_NCMP( &p->an_name, &AllOper ) == 0 ) {
+				} else if ( BACKSQL_NCMP( &p->an_name, slap_bv_all_operational_attrs ) == 0 ) {
 					/* handle "+" */
 					bsi->bsi_flags |= BSQL_SF_ALL_OPER;
 

servers/slapd/init.c

@@ -55,10 +55,6 @@ int		ldap_syslog_level = LOG_DEBUG;
 
 BerVarray default_referral = NULL;
 
-struct berval AllUser = BER_BVC( LDAP_ALL_USER_ATTRIBUTES );
-struct berval AllOper = BER_BVC( LDAP_ALL_OPERATIONAL_ATTRIBUTES );
-struct berval NoAttrs = BER_BVC( LDAP_NO_ATTRS );
-
 /*
  * global variables that need mutex protection
  */

servers/slapd/overlays/dynlist.c

@@ -266,8 +266,8 @@ dynlist_sc_update( Operation *op, SlapReply *rs )
 	}
 
 #ifndef SLAP_OPATTRS
-	opattrs = ( rs->sr_attrs == NULL ) ? 0 : an_find( rs->sr_attrs, &AllOper );
-	userattrs = ( rs->sr_attrs == NULL ) ? 1 : an_find( rs->sr_attrs, &AllUser );
+	opattrs = ( rs->sr_attrs == NULL ) ? 0 : an_find( rs->sr_attrs, slap_bv_operational_attrs );
+	userattrs = ( rs->sr_attrs == NULL ) ? 1 : an_find( rs->sr_attrs, slap_bv_user_attrs );
 #else /* SLAP_OPATTRS */
 	opattrs = SLAP_OPATTRS( rs->sr_attr_flags );
 	userattrs = SLAP_USERATTRS( rs->sr_attr_flags );
@@ -416,8 +416,8 @@ dynlist_prepare_entry( Operation *op, SlapReply *rs, dynlist_info_t *dli )
 	}
 
 #ifndef SLAP_OPATTRS
-	opattrs = ( rs->sr_attrs == NULL ) ? 0 : an_find( rs->sr_attrs, &AllOper );
-	userattrs = ( rs->sr_attrs == NULL ) ? 1 : an_find( rs->sr_attrs, &AllUser );
+	opattrs = ( rs->sr_attrs == NULL ) ? 0 : an_find( rs->sr_attrs, slap_bv_operational_attrs );
+	userattrs = ( rs->sr_attrs == NULL ) ? 1 : an_find( rs->sr_attrs, slap_bv_user_attrs );
 #else /* SLAP_OPATTRS */
 	opattrs = SLAP_OPATTRS( rs->sr_attr_flags );
 	userattrs = SLAP_USERATTRS( rs->sr_attr_flags );

servers/slapd/overlays/pcache.c

@@ -2168,8 +2168,8 @@ add_filter_attrs(
 		(*new_attrs)[i].an_desc = attrs->attrs[i].an_desc;
 	}
 	BER_BVZERO( &(*new_attrs)[i].an_name );
-	alluser = an_find(*new_attrs, &AllUser);
-	allop = an_find(*new_attrs, &AllOper);
+	alluser = an_find( *new_attrs, slap_bv_all_user_attrs );
+	allop = an_find( *new_attrs, slap_bv_all_operational_attrs );
 
 	j = i;
 	for ( i=0; i<fattr_cnt; i++ ) {

servers/slapd/overlays/rwm.c

@@ -1197,76 +1197,70 @@ rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first, int stripEntryDN )
 		int			last = -1;
 		Attribute		*a;
 
-		if ( SLAP_OPATTRS( rs->sr_attr_flags ) && is_at_operational( (*ap)->a_desc->ad_type ) )
+		if ( op->ors_attrs != NULL && 
+				!SLAP_USERATTRS( rs->sr_attr_flags ) &&
+				!ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
 		{
-			/* go on */ ;
-			
-		} else {
-			if ( op->ors_attrs != NULL && 
-					!SLAP_USERATTRS( rs->sr_attr_flags ) &&
-					!ad_inlist( (*ap)->a_desc, op->ors_attrs ) )
-			{
-				goto cleanup_attr;
-			}
+			goto cleanup_attr;
+		}
 
-			drop_missing = rwm_mapping( &rwmap->rwm_at,
-					&(*ap)->a_desc->ad_cname, &mapping, RWM_REMAP );
-			if ( drop_missing || ( mapping != NULL && BER_BVISEMPTY( &mapping->m_dst ) ) )
-			{
-				goto cleanup_attr;
-			}
-			if ( mapping != NULL ) {
-				assert( mapping->m_dst_ad != NULL );
+		drop_missing = rwm_mapping( &rwmap->rwm_at,
+				&(*ap)->a_desc->ad_cname, &mapping, RWM_REMAP );
+		if ( drop_missing || ( mapping != NULL && BER_BVISEMPTY( &mapping->m_dst ) ) )
+		{
+			goto cleanup_attr;
+		}
+		if ( mapping != NULL ) {
+			assert( mapping->m_dst_ad != NULL );
 
-				/* try to normalize mapped Attributes if the original 
-				 * AttributeType was not normalized */
-				if ( (!(*ap)->a_desc->ad_type->sat_equality || 
-					!(*ap)->a_desc->ad_type->sat_equality->smr_normalize) &&
-					mapping->m_dst_ad->ad_type->sat_equality &&
-					mapping->m_dst_ad->ad_type->sat_equality->smr_normalize )
+			/* try to normalize mapped Attributes if the original 
+			 * AttributeType was not normalized */
+			if ( (!(*ap)->a_desc->ad_type->sat_equality || 
+				!(*ap)->a_desc->ad_type->sat_equality->smr_normalize) &&
+				mapping->m_dst_ad->ad_type->sat_equality &&
+				mapping->m_dst_ad->ad_type->sat_equality->smr_normalize )
+			{
+				if ((rwmap->rwm_flags & RWM_F_NORMALIZE_MAPPED_ATTRS))
 				{
-					if ((rwmap->rwm_flags & RWM_F_NORMALIZE_MAPPED_ATTRS))
+					int i = 0;
+
+					last = (*ap)->a_numvals;
+					if ( last )
 					{
-						int i = 0;
-
-						last = (*ap)->a_numvals;
-						if ( last )
-						{
-							(*ap)->a_nvals = ch_malloc( (last+1) * sizeof(struct berval) );
-
-							for ( i = 0; !BER_BVISNULL( &(*ap)->a_vals[i]); i++ ) {
-								int		rc;
-								/*
-								 * check that each value is valid per syntax
-								 * and pretty if appropriate
-								 */
-								rc = mapping->m_dst_ad->ad_type->sat_equality->smr_normalize(
-									SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
-									mapping->m_dst_ad->ad_type->sat_syntax,
-									mapping->m_dst_ad->ad_type->sat_equality,
-									&(*ap)->a_vals[i], &(*ap)->a_nvals[i],
-									NULL );
-
-								if ( rc != LDAP_SUCCESS ) {
-									BER_BVZERO( &(*ap)->a_nvals[i] );
-								}
+						(*ap)->a_nvals = ch_malloc( (last+1) * sizeof(struct berval) );
+
+						for ( i = 0; !BER_BVISNULL( &(*ap)->a_vals[i]); i++ ) {
+							int		rc;
+							/*
+							 * check that each value is valid per syntax
+							 * and pretty if appropriate
+							 */
+							rc = mapping->m_dst_ad->ad_type->sat_equality->smr_normalize(
+								SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
+								mapping->m_dst_ad->ad_type->sat_syntax,
+								mapping->m_dst_ad->ad_type->sat_equality,
+								&(*ap)->a_vals[i], &(*ap)->a_nvals[i],
+								NULL );
+
+							if ( rc != LDAP_SUCCESS ) {
+								BER_BVZERO( &(*ap)->a_nvals[i] );
 							}
-							BER_BVZERO( &(*ap)->a_nvals[i] );
 						}
-
-					} else {
-						assert( (*ap)->a_nvals == (*ap)->a_vals );
-						(*ap)->a_nvals = NULL;
-						ber_bvarray_dup_x( &(*ap)->a_nvals, (*ap)->a_vals, NULL );
+						BER_BVZERO( &(*ap)->a_nvals[i] );
 					}
+
+				} else {
+					assert( (*ap)->a_nvals == (*ap)->a_vals );
+					(*ap)->a_nvals = NULL;
+					ber_bvarray_dup_x( &(*ap)->a_nvals, (*ap)->a_vals, NULL );
 				}
+			}
 
-				/* rewrite the attribute description */
-				(*ap)->a_desc = mapping->m_dst_ad;
+			/* rewrite the attribute description */
+			(*ap)->a_desc = mapping->m_dst_ad;
 
-				/* will need to check for duplicate attrs */
-				check_duplicate_attrs++;
-			}
+			/* will need to check for duplicate attrs */
+			check_duplicate_attrs++;
 		}
 
 		if ( (*ap)->a_desc == slap_schema.si_ad_entryDN ) {
@@ -1951,7 +1945,7 @@ static int
 rwm_bva_rewrite_add(
 	struct ldaprwmap	*rwmap,
 	int			idx,
-	const char		*argv[] )
+	char			**argv )
 {
 	char		*line;
 	struct berval	bv;

servers/slapd/overlays/rwmmap.c

@@ -121,6 +121,15 @@ rwm_mapping( struct ldapmap *map, struct berval *s, struct ldapmapping **m, int
 
 	assert( m != NULL );
 
+	/* let special attrnames slip through (ITS#5760) */
+	if ( bvmatch( s, slap_bv_no_attrs )
+		|| bvmatch( s, slap_bv_all_user_attrs )
+		|| bvmatch( s, slap_bv_all_operational_attrs ) )
+	{
+		*m = NULL;
+		return 0;
+	}
+
 	if ( remap == RWM_REMAP ) {
 		tree = map->remap;
 
@@ -312,7 +321,7 @@ rwm_map_attrnames(
 
 	if ( j == 0 && i != 0 ) {
 		memset( &(*anp)[0], 0, sizeof( AttributeName ) );
-		BER_BVSTR( &(*anp)[0].an_name, LDAP_NO_ATTRS );
+		(*anp)[0].an_name = *slap_bv_no_attrs;
 		j = 1;
 	}
 	memset( &(*anp)[j], 0, sizeof( AttributeName ) );

servers/slapd/proto-slap.h

@@ -191,6 +191,15 @@ LDAP_SLAPD_V( AttributeName * ) slap_anlist_all_user_attributes;
 LDAP_SLAPD_V( AttributeName * ) slap_anlist_all_operational_attributes;
 LDAP_SLAPD_V( AttributeName * ) slap_anlist_all_attributes;
 
+LDAP_SLAPD_V( struct berval * ) slap_bv_no_attrs;
+LDAP_SLAPD_V( struct berval * ) slap_bv_all_user_attrs;
+LDAP_SLAPD_V( struct berval * ) slap_bv_all_operational_attrs;
+
+/* deprecated; only defined for backward compatibility */
+#define NoAttrs		(*slap_bv_no_attrs)
+#define AllUser		(*slap_bv_all_user_attrs)
+#define AllOper		(*slap_bv_all_operational_attrs)
+
 /*
  * add.c
  */
@@ -1954,10 +1963,6 @@ LDAP_SLAPD_V (ber_socket_t)	dtblsize;
 
 LDAP_SLAPD_V (int)		use_reverse_lookup;
 
-LDAP_SLAPD_V (struct berval)	AllUser;
-LDAP_SLAPD_V (struct berval)	AllOper;
-LDAP_SLAPD_V (struct berval)	NoAttrs;
-
 /*
  * operations
  */

servers/slapd/result.c

@@ -1656,9 +1656,9 @@ slap_attr_flags( AttributeName *an )
 		flags |= ( SLAP_OPATTRS_NO | SLAP_USERATTRS_YES );
 
 	} else {
-		flags |= an_find( an, &AllOper )
+		flags |= an_find( an, slap_bv_all_operational_attrs )
 			? SLAP_OPATTRS_YES : SLAP_OPATTRS_NO;
-		flags |= an_find( an, &AllUser )
+		flags |= an_find( an, slap_bv_all_user_attrs )
 			? SLAP_USERATTRS_YES : SLAP_USERATTRS_NO;
 	}