Commit 35b40943 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Sync with HEAD

parent a3dc2a47
......@@ -2290,7 +2290,9 @@ acl_check_modlist(
* by ACL_WRITE checking as any found here are not provided
* by the user
*/
if ( is_at_no_user_mod( mlist->sml_desc->ad_type ) ) {
if ( is_at_no_user_mod( mlist->sml_desc->ad_type )
&& !mlist->sml_managing )
{
Debug( LDAP_DEBUG_ACL, "acl: no-user-mod %s:"
" modify access granted\n",
mlist->sml_desc->ad_cname.bv_val, 0, 0 );
......
......@@ -2250,6 +2250,7 @@ access_free( Access *a )
if ( !BER_BVISNULL( &a->a_group_pat ) ) {
free( a->a_group_pat.bv_val );
}
#ifdef SLAP_DYNACL
if ( a->a_dynacl != NULL ) {
slap_dynacl_t *da;
for ( da = a->a_dynacl; da; ) {
......@@ -2264,6 +2265,7 @@ access_free( Access *a )
ch_free( tmp );
}
}
#endif /* SLAP_DYNACL */
free( a );
}
......
......@@ -69,7 +69,8 @@ ldap_back_add(
isupdate = be_shadow_update( op );
for ( i = 0, a = op->oq_add.rs_e->e_attrs; a; a = a->a_next ) {
if ( !isupdate && a->a_desc->ad_type->sat_no_user_mod ) {
if ( !isupdate && !get_manageDIT( op ) && a->a_desc->ad_type->sat_no_user_mod )
{
continue;
}
......
......@@ -882,7 +882,7 @@ retry:;
ldap_memfree( text );
}
rs->sr_text = NULL;
return( ERR_OK( rs->sr_err ) ? 0 : -1 );
return( ERR_OK( rs->sr_err ) ? LDAP_SUCCESS : rs->sr_err );
}
/* return true if bound, false if failed */
......
......@@ -64,7 +64,8 @@ ldap_back_modify(
isupdate = be_shadow_update( op );
for ( i = 0, ml = op->oq_modify.rs_modlist; ml; ml = ml->sml_next ) {
if ( !isupdate && ml->sml_desc->ad_type->sat_no_user_mod ) {
if ( !isupdate && !!get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod )
{
continue;
}
......
......@@ -83,7 +83,8 @@ meta_back_add( Operation *op, SlapReply *rs )
for ( i = 0, a = op->ora_e->e_attrs; a; a = a->a_next ) {
int j, is_oc = 0;
if ( !isupdate && a->a_desc->ad_type->sat_no_user_mod ) {
if ( !isupdate && !get_manageDIT( op ) && a->a_desc->ad_type->sat_no_user_mod )
{
continue;
}
......
......@@ -89,7 +89,8 @@ meta_back_modify( Operation *op, SlapReply *rs )
for ( i = 0, ml = op->orm_modlist; ml; ml = ml->sml_next ) {
int j, is_oc = 0;
if ( !isupdate && ml->sml_desc->ad_type->sat_no_user_mod ) {
if ( !isupdate && !get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod )
{
continue;
}
......
......@@ -184,8 +184,8 @@ do_modify(
goto cleanup;
}
rs->sr_err = slap_mods_check( modlist, &rs->sr_text,
textbuf, textlen, NULL );
rs->sr_err = slap_mods_check( modlist,
&rs->sr_text, textbuf, textlen, NULL );
if ( rs->sr_err != LDAP_SUCCESS ) {
send_ldap_result( op, rs );
......@@ -499,8 +499,9 @@ slap_mods_no_user_mod_check(
for ( ; ml != NULL; ml = ml->sml_next ) {
if ( !is_at_no_user_mod( ml->sml_desc->ad_type ) ) continue;
if( get_manageDIT( op )) {
if ( get_manageDIT( op ) ) {
if ( ml->sml_desc->ad_type->sat_flags & SLAP_AT_MANAGEABLE ) {
ml->sml_managing = 1;
continue;
}
......@@ -844,7 +845,7 @@ int slap_mods_opattrs(
assert( modtail != NULL );
assert( *modtail == NULL );
if ( SLAP_LASTMOD( op->o_bd )) {
if ( SLAP_LASTMOD( op->o_bd ) ) {
time_t now = slap_get_time();
slap_get_csn( op, csnbuf, sizeof(csnbuf), &csn, manage_ctxcsn );
......@@ -854,7 +855,7 @@ int slap_mods_opattrs(
slap_timestamp( &now, &timestamp );
if( op->o_dn.bv_len == 0 ) {
if ( BER_BVISEMPTY( &op->o_dn ) ) {
BER_BVSTR( &name, SLAPD_ANONYMOUS );
nname = name;
} else {
......@@ -863,10 +864,20 @@ int slap_mods_opattrs(
}
}
if( op->o_tag == LDAP_REQ_ADD ) {
if ( op->o_tag == LDAP_REQ_ADD ) {
struct berval tmpval;
{
mod = *modtail;
if ( get_manageDIT( op ) ) {
for ( mod = mods; mod != *modtail; mod = mod->sml_next ) {
if ( mod->sml_desc == slap_schema.si_ad_structuralObjectClass ) {
break;
}
}
}
if ( mod == *modtail ) {
int rc = mods_structural_class( mods, &tmpval,
text, textbuf, textlen );
if( rc != LDAP_SUCCESS ) return rc;
......@@ -892,42 +903,136 @@ int slap_mods_opattrs(
modtail = &mod->sml_next;
}
if ( SLAP_LASTMOD( op->o_bd )) {
char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
if ( SLAP_LASTMOD( op->o_bd ) ) {
mod = *modtail;
if ( get_manageDIT( op ) ) {
for ( mod = mods; mod != *modtail; mod = mod->sml_next ) {
if ( mod->sml_desc == slap_schema.si_ad_entryUUID ) {
break;
}
}
}
tmpval.bv_len = lutil_uuidstr( uuidbuf, sizeof( uuidbuf ) );
tmpval.bv_val = uuidbuf;
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_entryUUID;
mod->sml_values =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &tmpval );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
assert( mod->sml_values[0].bv_val != NULL );
mod->sml_nvalues =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
(*mod->sml_desc->ad_type->sat_equality->smr_normalize)(
SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
mod->sml_desc->ad_type->sat_syntax,
mod->sml_desc->ad_type->sat_equality,
mod->sml_values, mod->sml_nvalues, NULL );
mod->sml_nvalues[1].bv_len = 0;
mod->sml_nvalues[1].bv_val = NULL;
*modtail = mod;
modtail = &mod->sml_next;
if ( mod == *modtail ) {
char uuidbuf[ LDAP_LUTIL_UUIDSTR_BUFSIZE ];
tmpval.bv_len = lutil_uuidstr( uuidbuf, sizeof( uuidbuf ) );
tmpval.bv_val = uuidbuf;
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_entryUUID;
mod->sml_values =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &tmpval );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
assert( mod->sml_values[0].bv_val != NULL );
mod->sml_nvalues =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
(*mod->sml_desc->ad_type->sat_equality->smr_normalize)(
SLAP_MR_VALUE_OF_ATTRIBUTE_SYNTAX,
mod->sml_desc->ad_type->sat_syntax,
mod->sml_desc->ad_type->sat_equality,
mod->sml_values, mod->sml_nvalues, NULL );
mod->sml_nvalues[1].bv_len = 0;
mod->sml_nvalues[1].bv_val = NULL;
*modtail = mod;
modtail = &mod->sml_next;
}
mod = *modtail;
if ( get_manageDIT( op ) ) {
for ( mod = mods; mod != *modtail; mod = mod->sml_next ) {
if ( mod->sml_desc == slap_schema.si_ad_creatorsName ) {
break;
}
}
}
if ( mod == *modtail ) {
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_creatorsName;
mod->sml_values =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &name );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
assert( mod->sml_values[0].bv_val != NULL );
mod->sml_nvalues =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_nvalues[0], &nname );
mod->sml_nvalues[1].bv_len = 0;
mod->sml_nvalues[1].bv_val = NULL;
assert( mod->sml_nvalues[0].bv_val != NULL );
*modtail = mod;
modtail = &mod->sml_next;
}
mod = *modtail;
if ( get_manageDIT( op ) ) {
for ( mod = mods; mod != *modtail; mod = mod->sml_next ) {
if ( mod->sml_desc == slap_schema.si_ad_createTimestamp ) {
break;
}
}
}
if ( mod == *modtail ) {
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_createTimestamp;
mod->sml_values =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &timestamp );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
assert( mod->sml_values[0].bv_val != NULL );
mod->sml_nvalues = NULL;
*modtail = mod;
modtail = &mod->sml_next;
}
}
}
if ( SLAP_LASTMOD( op->o_bd ) ) {
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_entryCSN;
mod->sml_values = (BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &csn );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
assert( mod->sml_values[0].bv_val != NULL );
mod->sml_nvalues = NULL;
*modtail = mod;
modtail = &mod->sml_next;
mod = *modtail;
if ( get_manageDIT( op ) ) {
for ( mod = mods; mod != *modtail; mod = mod->sml_next ) {
if ( mod->sml_desc == slap_schema.si_ad_modifiersName ) {
break;
}
}
}
if ( mod == *modtail ) {
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_creatorsName;
mod->sml_values =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
mod->sml_desc = slap_schema.si_ad_modifiersName;
mod->sml_values = (BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &name );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
......@@ -940,14 +1045,24 @@ int slap_mods_opattrs(
assert( mod->sml_nvalues[0].bv_val != NULL );
*modtail = mod;
modtail = &mod->sml_next;
}
mod = *modtail;
if ( get_manageDIT( op ) ) {
for ( mod = mods; mod != *modtail; mod = mod->sml_next ) {
if ( mod->sml_desc == slap_schema.si_ad_modifyTimestamp ) {
break;
}
}
}
if ( mod == *modtail ) {
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_createTimestamp;
mod->sml_values =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
mod->sml_desc = slap_schema.si_ad_modifyTimestamp;
mod->sml_values = (BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &timestamp );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
......@@ -958,55 +1073,6 @@ int slap_mods_opattrs(
}
}
if ( SLAP_LASTMOD( op->o_bd )) {
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_entryCSN;
mod->sml_values = (BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &csn );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
assert( mod->sml_values[0].bv_val != NULL );
mod->sml_nvalues = NULL;
*modtail = mod;
modtail = &mod->sml_next;
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_modifiersName;
mod->sml_values = (BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &name );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
assert( mod->sml_values[0].bv_val != NULL );
mod->sml_nvalues =
(BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_nvalues[0], &nname );
mod->sml_nvalues[1].bv_len = 0;
mod->sml_nvalues[1].bv_val = NULL;
assert( mod->sml_nvalues[0].bv_val != NULL );
*modtail = mod;
modtail = &mod->sml_next;
mod = (Modifications *) ch_malloc( sizeof( Modifications ) );
mod->sml_op = mop;
mod->sml_flags = SLAP_MOD_INTERNAL;
mod->sml_type.bv_val = NULL;
mod->sml_desc = slap_schema.si_ad_modifyTimestamp;
mod->sml_values = (BerVarray) ch_malloc( 2 * sizeof( struct berval ) );
ber_dupbv( &mod->sml_values[0], &timestamp );
mod->sml_values[1].bv_len = 0;
mod->sml_values[1].bv_val = NULL;
assert( mod->sml_values[0].bv_val != NULL );
mod->sml_nvalues = NULL;
*modtail = mod;
modtail = &mod->sml_next;
}
*modtail = NULL;
return LDAP_SUCCESS;
}
......
......@@ -154,7 +154,8 @@ rwm_op_add( Operation *op, SlapReply *rs )
}
}
} else if ( !isupdate && (*ap)->a_desc->ad_type->sat_no_user_mod ) {
} else if ( !isupdate && !get_manageDIT( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod )
{
goto next_attr;
} else {
......@@ -437,7 +438,8 @@ rwm_op_modify( Operation *op, SlapReply *rs )
{
is_oc = 1;
} else if ( !isupdate && (*mlp)->sml_desc->ad_type->sat_no_user_mod ) {
} else if ( !isupdate && !get_manageDIT( op ) && (*mlp)->sml_desc->ad_type->sat_no_user_mod )
{
goto next_mod;
} else {
......@@ -895,6 +897,7 @@ rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first, int stripEntryDN )
}
} else if ( !isupdate
&& !get_manageDIT( op )
&& (*ap)->a_desc->ad_type->sat_no_user_mod
&& (*ap)->a_desc->ad_type != slap_schema.si_at_undefined )
{
......
......@@ -551,7 +551,7 @@ static struct slap_schema_ad_map {
"ORDERING UUIDOrderingMatch "
"SYNTAX 1.3.6.1.4.1.4203.666.2.6 "
"SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )",
NULL, SLAP_AT_HIDE,
NULL, SLAP_AT_HIDE|SLAP_AT_MANAGEABLE,
NULL, NULL,
NULL, NULL, NULL, NULL, NULL,
offsetof(struct slap_internal_schema, si_ad_entryUUID) },
......
......@@ -1173,6 +1173,7 @@ typedef struct slap_mod_list {
#define sml_type sml_mod.sm_type
#define sml_values sml_mod.sm_values
#define sml_nvalues sml_mod.sm_nvalues
char sml_managing;
struct slap_mod_list *sml_next;
} Modifications;
......
......@@ -63,5 +63,5 @@ clean-local: FORCE
-$(RM) -r testrun *leak *gmon *core
veryclean-local: FORCE
@-$(RM) run data schema ucdata
@-$(RM) run testdata schema ucdata
dn: cn=All Staff,dc=example,dc=com
objectClass: groupOfNames
cn: All Staff
member:
creatorsName: cn=Someone
modifiersName: cn=Someone Else
dn: cn=All Staff,ou=Groups,dc=example,dc=com
member: cn=Manager,dc=example,dc=com
member: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=exam
......@@ -291,7 +298,8 @@ uniqueMember: cn=James A Jones 2,ou=Information Technology Division,ou=People,
uniqueMember: cn=John Doe,ou=Information Technology Division,ou=People,dc=exam
ple,dc=com
creatorsName: cn=Manager,dc=example,dc=com
modifiersName: cn=Manager,dc=example,dc=com
modifiersName: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc
=example,dc=com
dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
objectClass: OpenLDAPperson
......@@ -449,3 +457,51 @@ telephoneNumber: +1 313 555 5331
creatorsName: cn=Manager,dc=example,dc=com
modifiersName: cn=Manager,dc=example,dc=com
dn: dc=example,dc=com
objectClass: top
objectClass: organization
objectClass: domainRelatedObject
objectClass: dcObject
dc: example
l: Anytown, Michigan
st: Michigan
o: Example, Inc.
o: EX
o: Ex.
description: The Example, Inc. at Anytown
postalAddress: Example, Inc. $ 535 W. William St. $ Anytown, MI 48109 $ US
telephoneNumber: +1 313 555 1817
associatedDomain: example.com
creatorsName: cn=Manager,dc=example,dc=com
modifyTimestamp: 19700101000000Z
createTimestamp: 19700101000000Z
modifiersName: cn=Manager,dc=example,dc=com
dn: cn=All Staff,dc=example,dc=com
objectClass: groupOfNames
cn: All Staff
member:
entryUUID: badbadef-dbad-1029-92f7-badbadbadbad
dn: cn=All Staff,ou=Groups,dc=example,dc=com
member: cn=Manager,dc=example,dc=com
member: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=exam
ple,dc=com
member: cn=Jane Doe,ou=Alumni Association,ou=People,dc=example,dc=com
member: cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc
=com
member: cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,dc=com
member: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
member: cn=James A Jones 2,ou=Information Technology Division,ou=People,dc=exa
mple,dc=com
member: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com
member: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com
member: cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com
member: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=exampl
e,dc=com
owner: cn=Manager,dc=example,dc=com
cn: All Staff
description: Everyone in the sample data
objectClass: groupOfNames
entryUUID: badbadba-dbad-1029-92f7-badbadbadbad
......@@ -111,6 +111,32 @@ changetype: modify
replace: modifiersName
modifiersName: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com
dn: dc=example,dc=com
# change timestamps
changetype: modify
replace: modifyTimestamp
modifyTimestamp: 19700101000000Z
-
replace: createTimestamp
createTimestamp: 19700101000000Z
-
dn: cn=All Staff,ou=Groups,dc=example,dc=com
# change entryUUID
changetype: modify
replace: entryUUID
entryUUID: badbadba-dbad-1029-92f7-badbadbadbad
dn: cn=All Staff,dc=example,dc=com
changetype: add
objectClass: groupOfNames
cn: All Staff
member:
creatorsName: cn=Someone
createTimestamp: 19700101000000Z
modifiersName: cn=Someone Else
modifyTimestamp: 19700101000000Z
entryUUID: badbadef-dbad-1029-92f7-badbadbadbad
EOMODS
RC=$?
......@@ -161,7 +187,6 @@ delete: structuralObjectClass
-
add: structuralObjectClass
structuralObjectClass: testPerson
EOMODS
RC=$?
......@@ -175,6 +200,25 @@ echo "Using ldapsearch to retrieve all the entries..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
'objectClass=*' '*' creatorsName modifiersName > $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "ldapsearch failed ($RC)!"
exit $RC
fi
$LDAPSEARCH -S "" -b "$BASEDN" -s base -h $LOCALHOST -p $PORT1 \
'objectClass=*' '*' creatorsName createTimestamp \
modifiersName modifyTimestamp >> $SEARCHOUT 2>&1
RC=$?
if test $RC != 0 ; then
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "ldapsearch failed ($RC)!"
exit $RC
fi
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
'(cn=All Staff)' '*' entryUUID >> $SEARCHOUT 2>&1
RC=$?
test $KILLSERVERS != no && kill -HUP $KILLPIDS
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment