diff --git a/servers/slapd/back-bdb/id2entry.c b/servers/slapd/back-bdb/id2entry.c
index d4eb26711119a21037a44c44bfb0832f1362fcf5..37cdcb67dfccf89c0115806c75ac32c03634e67f 100644
--- a/servers/slapd/back-bdb/id2entry.c
+++ b/servers/slapd/back-bdb/id2entry.c
@@ -376,15 +376,22 @@ return_results:
if( rc != LDAP_SUCCESS ) {
/* free entry */
bdb_cache_return_entry_rw(bdb->bi_dbenv, &bdb->bi_cache, e, rw, &lock);
+
} else {
- *ent = e;
- /* big drag. we need a place to store a read lock so we can
- * release it later??
- */
- if ( op && !boi ) {
- boi = op->o_tmpcalloc(1,sizeof(struct bdb_op_info),op->o_tmpmemctx);
- boi->boi_lock = lock;
- op->o_private = boi;
+ if ( slapMode == SLAP_SERVER_MODE ) {
+ *ent = e;
+ /* big drag. we need a place to store a read lock so we can
+ * release it later??
+ */
+ if ( op && !boi ) {
+ boi = op->o_tmpcalloc(1,sizeof(struct bdb_op_info),op->o_tmpmemctx);
+ boi->boi_lock = lock;
+ op->o_private = boi;
+ }
+
+ } else {
+ *ent = entry_dup( e );
+ bdb_cache_return_entry_rw(bdb->bi_dbenv, &bdb->bi_cache, e, rw, &lock);
}
}
diff --git a/servers/slapd/slapacl.c b/servers/slapd/slapacl.c
index 9ffde3b85a7e07faa12d82b4fc5faf25e88307fb..31b68b7aac93d8a6058cee419dd09e90db65a91b 100644
--- a/servers/slapd/slapacl.c
+++ b/servers/slapd/slapacl.c
@@ -65,8 +65,23 @@ slapacl( int argc, char **argv )
rc = 1;
goto destroy;
}
+
+ } else if ( !BER_BVISNULL( &authcDN ) ) {
+ struct berval ndn;
+
+ rc = dnNormalize( 0, NULL, NULL, &authcDN, &ndn, NULL );
+ if ( rc != LDAP_SUCCESS ) {
+ fprintf( stderr, "autchDN=\"%s\" normalization failed %d (%s)\n",
+ authcDN.bv_val, rc,
+ ldap_err2string( rc ) );
+ rc = 1;
+ goto destroy;
+ }
+ ch_free( authcDN.bv_val );
+ authcDN = ndn;
}
+
if ( !BER_BVISNULL( &authcDN ) ) {
fprintf( stderr, "DN: \"%s\"\n", authcDN.bv_val );
}
diff --git a/servers/slapd/slapadd.c b/servers/slapd/slapadd.c
index 54421f5fba8fb877586c8c3ce3fb273735321f8a..677e7b1fd41478f15cce9706e0404627dc27487a 100644
--- a/servers/slapd/slapadd.c
+++ b/servers/slapd/slapadd.c
@@ -100,7 +100,7 @@ slapadd( int argc, char **argv )
lmax = 0;
lineno = 0;
- if( be->be_entry_open( be, 1 ) != 0 ) {
+ if( !dryrun && be->be_entry_open( be, 1 ) != 0 ) {
fprintf( stderr, "%s: could not open database.\n",
progname );
exit( EXIT_FAILURE );
@@ -308,6 +308,13 @@ slapadd( int argc, char **argv )
}
}
+ if ( dryrun ) {
+ if ( verbose ) {
+ fprintf( stderr, "(dry) added: \"%s\"\n", e->e_dn );
+ }
+ goto done;
+ }
+
if ( update_ctxcsn == SLAP_TOOL_CTXCSN_KEEP &&
( replica_promotion || replica_demotion )) {
if ( is_entry_syncProviderSubentry( e )) {
@@ -404,8 +411,12 @@ slapadd( int argc, char **argv )
}
if (( !is_entry_syncProviderSubentry( e ) &&
- !is_entry_syncConsumerSubentry( e )) ||
- ( !replica_promotion && !replica_demotion )) {
+ !is_entry_syncConsumerSubentry( e )) ||
+ ( !replica_promotion && !replica_demotion ))
+ {
+ /* dryrun moved earlier */
+ assert( !dryrun );
+
if (!dryrun) {
ID id = be->be_entry_put( be, e, &bvtext );
if( id == NOID ) {
@@ -429,6 +440,7 @@ slapadd( int argc, char **argv )
}
}
+done:;
entry_free( e );
}
@@ -471,6 +483,10 @@ slapadd( int argc, char **argv )
if ( ctxcsn_id == NOID ) {
ctxcsn_e = slap_create_context_csn_entry( be, &maxcsn );
+
+ /* dryrun moved earlier */
+ assert( !dryrun );
+
if ( !dryrun ) {
ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext );
if( ctxcsn_id == NOID ) {
@@ -496,6 +512,10 @@ slapadd( int argc, char **argv )
AC_MEMCPY( attr->a_vals[0].bv_val, maxcsn.bv_val, maxcsn.bv_len );
attr->a_vals[0].bv_val[maxcsn.bv_len] = '\0';
attr->a_vals[0].bv_len = maxcsn.bv_len;
+
+ /* dryrun moved earlier */
+ assert( !dryrun );
+
if ( !dryrun ) {
ctxcsn_id = be->be_entry_modify( be, ctxcsn_e, &bvtext );
if( ctxcsn_id == NOID ) {
@@ -547,8 +567,12 @@ slapadd( int argc, char **argv )
if ( ctxcsn_id == NOID ) {
ctxcsn_e = slap_create_syncrepl_entry( be, &mc,
- &slap_syncrepl_cn_bv,
- &slap_syncrepl_bv );
+ &slap_syncrepl_cn_bv,
+ &slap_syncrepl_bv );
+
+ /* dryrun moved earlier */
+ assert( !dryrun );
+
if ( !dryrun ) {
ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext );
if( ctxcsn_id == NOID ) {
@@ -575,6 +599,10 @@ slapadd( int argc, char **argv )
AC_MEMCPY( attr->a_vals[0].bv_val, mc.bv_val, mc.bv_len );
attr->a_vals[0].bv_val[maxcsn.bv_len] = '\0';
attr->a_vals[0].bv_len = maxcsn.bv_len;
+
+ /* dryrun moved earlier */
+ assert( !dryrun );
+
if ( !dryrun ) {
ctxcsn_id = be->be_entry_modify( be,
ctxcsn_e, &bvtext );
@@ -615,7 +643,11 @@ slapadd( int argc, char **argv )
if ( ctxcsn_id == NOID ) {
ctxcsn_e = slap_create_syncrepl_entry( be, &sei->cookie,
- &sei->rdn, &sei->cn );
+ &sei->rdn, &sei->cn );
+
+ /* dryrun moved earlier */
+ assert( !dryrun );
+
if ( !dryrun ) {
ctxcsn_id = be->be_entry_put( be, ctxcsn_e, &bvtext );
if( ctxcsn_id == NOID ) {
@@ -642,6 +674,10 @@ slapadd( int argc, char **argv )
AC_MEMCPY( attr->a_vals[0].bv_val, sei->cookie.bv_val, sei->cookie.bv_len );
attr->a_vals[0].bv_val[sei->cookie.bv_len] = '\0';
attr->a_vals[0].bv_len = sei->cookie.bv_len;
+
+ /* dryrun moved earlier */
+ assert( !dryrun );
+
if ( !dryrun ) {
ctxcsn_id = be->be_entry_modify( be,
ctxcsn_e, &bvtext );
diff --git a/servers/slapd/slapcommon.c b/servers/slapd/slapcommon.c
index 55659e7ab3534e77bced3f2d33f736dbfe9b02d2..68af0e9ff598577ccf213a4cc173161c6886b5bb 100644
--- a/servers/slapd/slapcommon.c
+++ b/servers/slapd/slapcommon.c
@@ -131,10 +131,12 @@ slap_tool_init(
case SLAPDN:
case SLAPTEST:
options = "d:f:v";
+ mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
break;
case SLAPAUTH:
options = "d:f:U:vX:";
+ mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
break;
case SLAPINDEX:
@@ -144,6 +146,7 @@ slap_tool_init(
case SLAPACL:
options = "b:D:d:f:U:v";
+ mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
break;
default:
@@ -168,7 +171,7 @@ slap_tool_init(
break;
case 'D':
- ber_str2bv( optarg, 0, 0, &authcDN );
+ ber_str2bv( optarg, 0, 1, &authcDN );
break;
case 'f': /* specify a conf file */
@@ -430,8 +433,12 @@ slap_tool_init(
be = select_backend( &nbase, 0, 0 );
ber_memfree( nbase.bv_val );
- if ( tool == SLAPACL ) {
+ switch ( tool ) {
+ case SLAPACL:
goto startup;
+
+ default:
+ break;
}
if( be == NULL ) {
@@ -527,4 +534,8 @@ void slap_tool_destroy( void )
#ifdef CSRIMALLOC
mal_dumpleaktrace( leakfile );
#endif
+
+ if ( !BER_BVISNULL( &authcDN ) ) {
+ ch_free( authcDN.bv_val );
+ }
}