Commit f95c35b1 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

ITS#5265

parent 335d3bfe
......@@ -3,7 +3,9 @@ OpenLDAP 2.4 Change Log
OpenLDAP 2.4.8 Engineering
Fixed slapd include handling (ITS#5276)
Fixed slapd non-atomic signal variables (ITS#5248)
Fixed libldap_r threaded library linking (ITS#4982)
Fixed slapd-ldif delete (ITS#5265)
Build Environment
Fixed libldap_r threaded library linking (ITS#4982)
Documentation
DB_CONFIG.example URL wrong in comments (ITS#5288)
Add cn=config example for auditlog (ITS#5245)
......
......@@ -129,9 +129,15 @@ dn2path(struct berval * orig_dn, struct berval * suffixdn, struct berval * base_
res->bv_len = dn.bv_len + base_path->bv_len + 1 + STRLENOF( LDIF );
res->bv_val = ch_malloc( res->bv_len + 1 );
ptr = lutil_strcopy( res->bv_val, base_path->bv_val );
*ptr++ = LDAP_DIRSEP[0];
ptr = lutil_strcopy( ptr, suffixdn->bv_val );
end = dn.bv_val + dn.bv_len - suffixdn->bv_len - 1;
end = dn.bv_val + dn.bv_len;
if ( !BER_BVISEMPTY( suffixdn ) ) {
*ptr++ = LDAP_DIRSEP[0];
ptr = lutil_strcopy( ptr, suffixdn->bv_val );
end -= suffixdn->bv_len + 1;
} else if ( BER_BVISEMPTY( &dn ) ) {
*ptr++ = LDAP_DIRSEP[0];
}
while ( end > dn.bv_val ) {
for (sep = end-1; sep >= dn.bv_val && !DN_SEPARATOR( *sep ); sep--);
*ptr++ = LDAP_DIRSEP[0];
......@@ -161,6 +167,8 @@ dn2path(struct berval * orig_dn, struct berval * suffixdn, struct berval * base_
if ( dn.bv_val != orig_dn->bv_val ) {
ch_free( dn.bv_val );
}
assert( strlen( res->bv_val ) == res->bv_len );
}
static char * slurp_file(int fd) {
......@@ -393,81 +401,83 @@ typedef struct bvlist {
} bvlist;
static int r_enum_tree(enumCookie *ck, struct berval *path,
static int r_enum_tree(enumCookie *ck, struct berval *path, int base,
struct berval *pdn, struct berval *pndn)
{
Entry *e;
int fd, rc = LDAP_SUCCESS;
Entry *e = NULL;
int fd = 0, rc = LDAP_SUCCESS;
fd = open( path->bv_val, O_RDONLY );
if ( fd < 0 ) {
Debug( LDAP_DEBUG_TRACE,
"=> ldif_enum_tree: failed to open %s: %s\n",
path->bv_val, STRERROR(errno), 0 );
return LDAP_NO_SUCH_OBJECT;
}
if ( !base ) {
fd = open( path->bv_val, O_RDONLY );
if ( fd < 0 ) {
Debug( LDAP_DEBUG_TRACE,
"=> ldif_enum_tree: failed to open %s: %s\n",
path->bv_val, STRERROR(errno), 0 );
return LDAP_NO_SUCH_OBJECT;
}
e = get_entry_for_fd(fd, pdn, pndn);
if ( !e ) {
Debug( LDAP_DEBUG_ANY,
"=> ldif_enum_tree: failed to read entry for %s\n",
path->bv_val, 0, 0 );
return LDAP_BUSY;
}
e = get_entry_for_fd(fd, pdn, pndn);
if ( !e ) {
Debug( LDAP_DEBUG_ANY,
"=> ldif_enum_tree: failed to read entry for %s\n",
path->bv_val, 0, 0 );
return LDAP_BUSY;
}
if ( ck->op->ors_scope == LDAP_SCOPE_BASE ||
ck->op->ors_scope == LDAP_SCOPE_SUBTREE ) {
/* Send right away? */
if ( ck->rs ) {
/*
* if it's a referral, add it to the list of referrals. only do
* this for non-base searches, and don't check the filter
* explicitly here since it's only a candidate anyway.
*/
if ( !get_manageDSAit( ck->op )
&& ck->op->ors_scope != LDAP_SCOPE_BASE
&& is_entry_referral( e ) )
{
BerVarray erefs = get_entry_referrals( ck->op, e );
ck->rs->sr_ref = referral_rewrite( erefs,
&e->e_name, NULL,
ck->op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL
? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE );
ck->rs->sr_entry = e;
rc = send_search_reference( ck->op, ck->rs );
ber_bvarray_free( ck->rs->sr_ref );
ber_bvarray_free( erefs );
ck->rs->sr_ref = NULL;
ck->rs->sr_entry = NULL;
} else if ( test_filter( ck->op, e, ck->op->ors_filter ) == LDAP_COMPARE_TRUE )
{
ck->rs->sr_entry = e;
ck->rs->sr_attrs = ck->op->ors_attrs;
ck->rs->sr_flags = REP_ENTRY_MODIFIABLE;
rc = send_search_entry(ck->op, ck->rs);
ck->rs->sr_entry = NULL;
if ( ck->op->ors_scope == LDAP_SCOPE_BASE ||
ck->op->ors_scope == LDAP_SCOPE_SUBTREE ) {
/* Send right away? */
if ( ck->rs ) {
/*
* if it's a referral, add it to the list of referrals. only do
* this for non-base searches, and don't check the filter
* explicitly here since it's only a candidate anyway.
*/
if ( !get_manageDSAit( ck->op )
&& ck->op->ors_scope != LDAP_SCOPE_BASE
&& is_entry_referral( e ) )
{
BerVarray erefs = get_entry_referrals( ck->op, e );
ck->rs->sr_ref = referral_rewrite( erefs,
&e->e_name, NULL,
ck->op->oq_search.rs_scope == LDAP_SCOPE_ONELEVEL
? LDAP_SCOPE_BASE : LDAP_SCOPE_SUBTREE );
ck->rs->sr_entry = e;
rc = send_search_reference( ck->op, ck->rs );
ber_bvarray_free( ck->rs->sr_ref );
ber_bvarray_free( erefs );
ck->rs->sr_ref = NULL;
ck->rs->sr_entry = NULL;
} else if ( test_filter( ck->op, e, ck->op->ors_filter ) == LDAP_COMPARE_TRUE )
{
ck->rs->sr_entry = e;
ck->rs->sr_attrs = ck->op->ors_attrs;
ck->rs->sr_flags = REP_ENTRY_MODIFIABLE;
rc = send_search_entry(ck->op, ck->rs);
ck->rs->sr_entry = NULL;
}
fd = 1;
if ( rc )
goto done;
} else {
/* Queueing up for tool mode */
if(ck->entries == NULL) {
ck->entries = (Entry **) ch_malloc(sizeof(Entry *) * ENTRY_BUFF_INCREMENT);
ck->elen = ENTRY_BUFF_INCREMENT;
}
if(ck->eind >= ck->elen) { /* grow entries if necessary */
ck->entries = (Entry **) ch_realloc(ck->entries, sizeof(Entry *) * (ck->elen) * 2);
ck->elen *= 2;
}
ck->entries[ck->eind++] = e;
fd = 0;
}
fd = 1;
if ( rc )
goto done;
} else {
/* Queueing up for tool mode */
if(ck->entries == NULL) {
ck->entries = (Entry **) ch_malloc(sizeof(Entry *) * ENTRY_BUFF_INCREMENT);
ck->elen = ENTRY_BUFF_INCREMENT;
}
if(ck->eind >= ck->elen) { /* grow entries if necessary */
ck->entries = (Entry **) ch_realloc(ck->entries, sizeof(Entry *) * (ck->elen) * 2);
ck->elen *= 2;
}
ck->entries[ck->eind++] = e;
fd = 0;
fd = 1;
}
} else {
fd = 1;
}
if ( ck->op->ors_scope != LDAP_SCOPE_BASE ) {
......@@ -551,7 +561,9 @@ static int r_enum_tree(enumCookie *ck, struct berval *path,
AC_MEMCPY( ptr->bv.bv_val + ptr->off, ptr->num.bv_val,
ptr->num.bv_len );
fullpath( path, &ptr->bv, &fpath );
rc = r_enum_tree(ck, &fpath, &e->e_name, &e->e_nname );
rc = r_enum_tree(ck, &fpath, 0,
e != NULL ? &e->e_name : pdn,
e != NULL ? &e->e_nname : pndn );
free(fpath.bv_val);
}
if ( ptr->num.bv_val )
......@@ -578,7 +590,7 @@ enum_tree(
dnParent( &ck->op->o_req_dn, &pdn );
dnParent( &ck->op->o_req_ndn, &pndn );
dn2path( &ck->op->o_req_ndn, &ck->op->o_bd->be_nsuffix[0], &li->li_base_path, &path);
rc = r_enum_tree(ck, &path, &pdn, &pndn);
rc = r_enum_tree(ck, &path, BER_BVISEMPTY( &ck->op->o_req_ndn ) ? 1 : 0, &pdn, &pndn);
ch_free( path.bv_val );
return rc;
}
......@@ -697,6 +709,11 @@ ldif_back_referrals( Operation *op, SlapReply *rs )
return rc;
}
if ( BER_BVISEMPTY( &op->o_req_ndn ) ) {
/* the empty DN cannot be a referral */
return rc;
}
li = (struct ldif_info *)op->o_bd->be_private;
ldap_pvt_thread_rdwr_rlock( &li->li_rdwr );
entry = get_entry( op, &li->li_base_path );
......@@ -711,7 +728,9 @@ ldif_back_referrals( Operation *op, SlapReply *rs )
for ( ; entry == NULL; ) {
dnParent( &pndn, &pndn );
if ( !dnIsSuffix( &pndn, &op->o_bd->be_nsuffix[0] ) ) {
if ( BER_BVISEMPTY( &pndn )
|| !dnIsSuffix( &pndn, &op->o_bd->be_nsuffix[0] ) )
{
break;
}
......@@ -1023,15 +1042,17 @@ static int ldif_back_delete(Operation *op, SlapReply *rs) {
break;
case ENOENT:
rs->sr_err = LDAP_NO_SUCH_OBJECT;
/* is leaf, go on */
res = 0;
break;
default:
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
break;
}
}
} else {
if ( !res ) {
res = unlink(path.bv_val);
if ( res == -1 ) {
switch ( errno ) {
......
# Searching database...
dn: dc=example,dc=com
objectClass: domain
objectClass: domainRelatedObject
dc: example
associatedDomain: example.com
dn: ou=LDAPv2,dc=example,dc=com
objectClass: organizationalUnit
ou: LDAPv2
description: RFC 1779 compliant DN string representation
dn: ou=LDAPv3,dc=example,dc=com
objectClass: organizationalUnit
ou: LDAPv3
description: RFC 2253 compliant DN string representation
dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com
objectClass: groupOfNames
cn: May Succeed 1
member:
description: " " // space, quote characters (") are not part of the string
dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com
objectClass: groupOfNames
cn: May Succeed 3
member: uid=jsmith,o=example,c=US
description: UID=jsmith, O=example, C=US // spaces
dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com
objectClass: groupOfNames
cn: May Succeed 4
member: uid=jsmith,o=example,c=US
description: UID=jsmith;O=example;C=US // semi-colons
dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com
objectClass: groupOfNames
cn: May Succeed 6
member: cn=John Smith,o=example,c=US
description: CN="John Smith",O=example,C=US // quotes
dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com
objectClass: groupOfNames
cn: Must Succeed
......@@ -43,47 +73,6 @@ description: CN=\#John Smith\ ,DC=example,DC=net
description: CN=Lu\C4\8Di\C4\87
description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example
dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
objectClass: groupOfNames
cn: Unescaped Equals
member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
member: cn=A*x\3Db is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
// unescaped EQUALS
dn: ou=LDAPv2,dc=example,dc=com
objectClass: organizationalUnit
ou: LDAPv2
description: RFC 1779 compliant DN string representation
dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com
objectClass: groupOfNames
cn: May Succeed 1
member:
description: " " // space, quote characters (") are not part of the string
dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com
objectClass: groupOfNames
cn: May Succeed 3
member: uid=jsmith,o=example,c=US
description: UID=jsmith, O=example, C=US // spaces
dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com
objectClass: groupOfNames
cn: May Succeed 4
member: uid=jsmith,o=example,c=US
description: UID=jsmith;O=example;C=US // semi-colons
dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com
objectClass: groupOfNames
cn: May Succeed 6
member: cn=John Smith,o=example,c=US
description: CN="John Smith",O=example,C=US // quotes
dn: ou=Related Syntaxes,dc=example,dc=com
objectClass: organizationalUnit
ou: Related Syntaxes
dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: Name and Optional UID
......@@ -99,6 +88,10 @@ description: #'0010'B // empty "" DN with leading '0's
description: dc=example,dc=com#'1000'B // with DN portion
description: dc=example,dc=com#'0'B // with DN portion and just one '0'
dn: ou=Related Syntaxes,dc=example,dc=com
objectClass: organizationalUnit
ou: Related Syntaxes
dn: cn=Should Parse as DN,cn=Name and Optional UID,ou=Related Syntaxes,dc=exam
ple,dc=com
objectClass: groupOfUniqueNames
......@@ -110,6 +103,15 @@ description: dc=example,dc=com#0'B // malformed UID?
description: dc=example,dc=com#'0B // malformed UID?
description: dc=example,dc=com '0'B // malformed UID?
dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
objectClass: groupOfNames
cn: Unescaped Equals
member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
member: cn=A*x\3Db is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
// unescaped EQUALS
# Searching database for DN="OU=Sales+CN=J. Smith,DC=example,DC=net"...
dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com
objectClass: groupOfNames
cn: Must Succeed
......@@ -144,6 +146,7 @@ description: CN=\#John Smith\ ,DC=example,DC=net
description: CN=Lu\C4\8Di\C4\87
description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example
# Searching database for entryUUID-named DN="testUUID=597ae2f6-16a6-1027-98f4-ABCDEFabcdef,DC=Example"...
dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com
objectClass: groupOfNames
cn: Must Succeed
......@@ -178,6 +181,8 @@ description: CN=\#John Smith\ ,DC=example,DC=net
description: CN=Lu\C4\8Di\C4\87
description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example
# Searching database for nameAndOptionalUID="dc=example,dc=com"...
# Searching database for nameAndOptionalUID="dc=example,dc=com#'001000'B"...
dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: Name and Optional UID
......@@ -193,6 +198,7 @@ description: #'0010'B // empty "" DN with leading '0's
description: dc=example,dc=com#'1000'B // with DN portion
description: dc=example,dc=com#'0'B // with DN portion and just one '0'
# Searching database for uniqueMember~="dc=example,dc=com" (approx)...
dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: Name and Optional UID
......@@ -208,6 +214,7 @@ description: #'0010'B // empty "" DN with leading '0's
description: dc=example,dc=com#'1000'B // with DN portion
description: dc=example,dc=com#'0'B // with DN portion and just one '0'
# Searching database for uniqueMember~="dc=example,dc=com#'001000'B" (approx)...
dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: Name and Optional UID
......
dn: c=US
objectClass: country
c: US
dn: o=Example,c=US
dn: o=Esempio,c=IT
objectClass: organization
o: Esempio
o: Esempio S.p.A.
o: Example
o: Example, Inc.
dn: c=UK
objectClass: country
c: UK
dn: o=Example,c=UK
objectClass: organization
o: Example
o: Example, Ltd.
dn: o=Example,c=US
objectClass: organization
o: Example
o: Example, Inc.
dn: c=IT
objectClass: country
c: IT
dn: o=Esempio,c=IT
objectClass: organization
o: Esempio
o: Esempio S.p.A.
o: Example
dn: c=UK
objectClass: country
c: UK
dn: c=US
objectClass: country
c: US
dn: c=US
objectClass: country
c: US
dn: o=Example,c=US
dn: o=Beispiel,c=DE
objectClass: organization
o: Beispiel
o: Beispiel GmbH
o: Example
o: Example, Inc.
dn: c=UK
dn: c=DE
objectClass: country
c: UK
c: DE
dn: o=Esempio,c=IT
objectClass: organization
o: Esempio
o: Esempio S.p.A.
o: Example
dn: o=Example,c=UK
objectClass: organization
o: Example
o: Example, Ltd.
dn: o=Example,c=US
objectClass: organization
o: Example
o: Example, Inc.
dn: c=IT
objectClass: country
c: IT
dn: o=Esempio,c=IT
objectClass: organization
o: Esempio
o: Esempio S.p.A.
o: Example
dn: c=DE
dn: c=UK
objectClass: country
c: DE
c: UK
dn: o=Beispiel,c=DE
objectClass: organization
o: Beispiel
o: Beispiel GmbH
o: Example
dn: c=US
objectClass: country
c: US
......@@ -55,7 +55,7 @@ cat /dev/null > $SEARCHOUT
echo "Searching database..."
echo "# Searching database..." >> $SEARCHOUT
$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 >> $SEARCHOUT 2>&1
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
......@@ -67,7 +67,7 @@ fi
DN="OU=Sales+CN=J. Smith,DC=example,DC=net"
echo "Searching database for DN=\"$DN\"..."
echo "# Searching database for DN=\"$DN\"..." >> $SEARCHOUT
$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(member=$DN)" >> $SEARCHOUT 2>&1
RC=$?
......@@ -80,7 +80,7 @@ fi
DN="testUUID=597ae2f6-16a6-1027-98f4-ABCDEFabcdef,DC=Example"
echo "Searching database for entryUUID-named DN=\"$DN\"..."
echo "# Searching database for entryUUID-named DN=\"$DN\"..." >> $SEARCHOUT
$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(member=$DN)" \
>> $SEARCHOUT 2>&1
......@@ -94,7 +94,7 @@ fi
DN="dc=example,dc=com"
echo "Searching database for nameAndOptionalUID=\"$DN\"..."
echo "# Searching database for nameAndOptionalUID=\"$DN\"..." >> $SEARCHOUT
$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(uniqueMember=$DN)" >> $SEARCHOUT 2>&1
RC=$?
......@@ -107,7 +107,7 @@ fi
DN="dc=example,dc=com#'001000'B"
echo "Searching database for nameAndOptionalUID=\"$DN\"..."
echo "# Searching database for nameAndOptionalUID=\"$DN\"..." >> $SEARCHOUT
$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(uniqueMember=$DN)" >> $SEARCHOUT 2>&1
RC=$?
......@@ -120,7 +120,7 @@ fi
DN="dc=example,dc=com"
echo "Searching database for uniqueMember~=\"$DN\" (approx)..."
echo "# Searching database for uniqueMember~=\"$DN\" (approx)..." >> $SEARCHOUT
$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(uniqueMember~=)" >> $SEARCHOUT 2>&1
RC=$?
......@@ -133,7 +133,7 @@ fi
DN="dc=example,dc=com#'001000'B"
echo "Searching database for uniqueMember~=\"$DN\" (approx)..."
echo "# Searching database for uniqueMember~=\"$DN\" (approx)..." >> $SEARCHOUT
$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
"(uniqueMember~=$DN)" >> $SEARCHOUT 2>&1
RC=$?
......
......@@ -66,7 +66,7 @@ fi
echo "Searching database..."
$LDAPSEARCH -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
$LDAPSEARCH -S "" -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
......@@ -143,7 +143,7 @@ EOF
echo "Searching database..."
$LDAPSEARCH -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
$LDAPSEARCH -S "" -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment