Commit 40a5b31d authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Protect creatorsname and createtimestamp

parent af4571df
......@@ -117,21 +117,25 @@ do_add( conn, op )
*/
if ( be->be_add != NULL ) {
/* do the update here */
if ( be->be_updatedn == NULL || strcasecmp( be->be_updatedn,
op->o_dn ) == 0 ) {
if ( (be->be_lastmod == ON || be->be_lastmod == 0 &&
global_lastmod == ON) && be->be_updatedn == NULL ) {
if ( be->be_updatedn == NULL ||
strcasecmp( be->be_updatedn, op->o_dn ) == 0 ) {
if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED &&
global_lastmod == ON)) && be->be_updatedn == NULL ) {
add_created_attrs( op, e );
}
if ( (*be->be_add)( be, conn, op, e ) == 0 ) {
replog( be, LDAP_REQ_ADD, e->e_dn, e, 0 );
}
} else {
entry_free( e );
send_ldap_result( conn, op, LDAP_PARTIAL_RESULTS, NULL,
default_referral );
}
} else {
Debug( LDAP_DEBUG_ARGS, " do_add: HHH\n", 0, 0, 0 );
entry_free( e );
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
"Function not implemented" );
......@@ -155,8 +159,10 @@ add_created_attrs( Operation *op, Entry *e )
/* remove any attempts by the user to add these attrs */
for ( a = &e->e_attrs; *a != NULL; a = next ) {
if ( strcasecmp( (*a)->a_type, "createtimestamp" ) == 0
|| strcasecmp( (*a)->a_type, "creatorsname" ) == 0 ) {
if ( strcasecmp( (*a)->a_type, "modifiersname" ) == 0 ||
strcasecmp( (*a)->a_type, "modifytimestamp" ) == 0 ||
strcasecmp( (*a)->a_type, "creatorsname" ) == 0 ||
strcasecmp( (*a)->a_type, "createtimestamp" ) == 0 ) {
tmp = *a;
*a = (*a)->a_next;
attr_free( tmp );
......
......@@ -155,14 +155,14 @@ do_modify(
*/
if ( be->be_modify != NULL ) {
/* do the update here */
if ( be->be_updatedn == NULL || strcasecmp( be->be_updatedn,
op->o_dn ) == 0 ) {
if ( (be->be_lastmod == ON || be->be_lastmod == 0 &&
global_lastmod == ON) && be->be_updatedn == NULL ) {
if ( be->be_updatedn == NULL ||
strcasecmp( be->be_updatedn, op->o_dn ) == 0 ) {
if ( (be->be_lastmod == ON || ( be->be_lastmod == UNDEFINED &&
global_lastmod == ON ) ) && be->be_updatedn == NULL ) {
add_lastmods( op, &mods );
}
if ( (*be->be_modify)( be, conn, op, odn, mods )
== 0 ) {
if ( (*be->be_modify)( be, conn, op, odn, mods ) == 0 ) {
replog( be, LDAP_REQ_MODIFY, dn, mods, 0 );
}
......@@ -214,17 +214,25 @@ add_lastmods( Operation *op, LDAPMod **mods )
/* remove any attempts by the user to modify these attrs */
for ( m = mods; *m != NULL; m = &(*m)->mod_next ) {
if ( strcasecmp( (*m)->mod_type, "modifytimestamp" ) == 0
|| strcasecmp( (*m)->mod_type, "modifiersname" ) == 0 ) {
tmp = *m;
*m = (*m)->mod_next;
free( tmp->mod_type );
if ( tmp->mod_bvalues != NULL ) {
ber_bvecfree( tmp->mod_bvalues );
}
free( tmp );
}
}
if ( strcasecmp( (*m)->mod_type, "modifytimestamp" ) == 0 ||
strcasecmp( (*m)->mod_type, "modifiersname" ) == 0 ||
strcasecmp( (*m)->mod_type, "createtimestamp" ) == 0 ||
strcasecmp( (*m)->mod_type, "creatorsname" ) == 0 ) {
Debug( LDAP_DEBUG_TRACE,
"add_lastmods: found lastmod attr: %s\n",
(*m)->mod_type, 0, 0 );
tmp = *m;
*m = (*m)->mod_next;
free( tmp->mod_type );
if ( tmp->mod_bvalues != NULL ) {
ber_bvecfree( tmp->mod_bvalues );
}
free( tmp );
if (!*m)
break;
}
}
if ( op->o_dn == NULL || op->o_dn[0] == '\0' ) {
bv.bv_val = "NULLDN";
......@@ -251,8 +259,7 @@ add_lastmods( Operation *op, LDAPMod **mods )
tmp = (LDAPMod *) ch_calloc( 1, sizeof(LDAPMod) );
tmp->mod_type = strdup( "modifytimestamp" );
tmp->mod_op = LDAP_MOD_REPLACE;
tmp->mod_bvalues = (struct berval **) ch_calloc( 1,
2 * sizeof(struct berval *) );
tmp->mod_bvalues = (struct berval **) ch_calloc( 1, 2 * sizeof(struct berval *) );
tmp->mod_bvalues[0] = ber_bvdup( &bv );
tmp->mod_next = *mods;
*mods = tmp;
......
......@@ -17,6 +17,7 @@
#define ON 1
#define OFF (-1)
#define UNDEFINED 0
/*
* represents an attribute value assertion (i.e., attr=value)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment