unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT

693fb942 · Kurt Zeilenga · dd00feb0 · 693fb942 · 693fb942 · 693fb942
Commit 693fb942 authored Jun 06, 2000 by Kurt Zeilenga
--- a/include/portable.h.in
+++ b/include/portable.h.in
@@ -14,12 +14,6 @@

 /* end of preamble */

-#if !defined(SLAPD_SCHEMA_COMPAT) && !defined(SLAPD_SCHEMA_NOT_COMPAT)
-	/* define SLAPD_SCHEMA_COMPAT if you want old schema codes */
-#define SLAPD_SCHEMA_NOT_COMPAT 1
-#endif
-
-
 /* Define if on AIX 3.
   System headers sometimes define this.
   We just want to avoid a redefinition error message.  */

--- a/include/portable.nt
+++ b/include/portable.nt
@@ -16,11 +16,6 @@

 /* end of preamble */

-#if !defined( SLAPD_SCHEMA_COMPAT ) && !defined( SLAPD_SCHEMA_NOT_COMPAT )
-	/* use new schema codes */
-#define SLAPD_SCHEMA_NOT_COMPAT 1
-#endif
-
 /* comment this out if you don't have Cyrus SASL */
 #define HAVE_CYRUS_SASL 1


--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -19,22 +19,14 @@ static AccessControl * acl_get(
 	AccessControl *ac, int *count,
 	Backend *be, Operation *op,
 	Entry *e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	AttributeDescription *desc,
-#else
-	const char *desc,
-#endif
 	int nmatches, regmatch_t *matches );

 static slap_control_t acl_mask(
 	AccessControl *ac, slap_access_mask_t *mask,
 	Backend *be, Connection *conn, Operation *op,
 	Entry *e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	AttributeDescription *desc,
-#else
-	const char *desc,
-#endif
 	struct berval *val,
 	regmatch_t *matches );

@@ -43,11 +35,7 @@ static int aci_mask(
 	Backend *be,
 	Operation *op,
 	Entry *e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	AttributeDescription *desc,
-#else
-	const char *desc,
-#endif
 	struct berval *val,
 	struct berval *aci,
 	regmatch_t *matches,
@@ -83,11 +71,7 @@ access_allowed(
    Connection		*conn,
    Operation		*op,
    Entry		*e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	AttributeDescription	*desc,
-#else
-    const char		*desc,
-#endif
    struct berval	*val,
    slap_access_t	access )
 {
@@ -99,11 +83,7 @@ access_allowed(
 	slap_access_mask_t mask;
 	slap_control_t control;

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	const char *attr = desc ? desc->ad_cname->bv_val : NULL;
-#else
-    const char *attr = desc;
-#endif

 	regmatch_t       matches[MAXREMATCHES];

@@ -130,11 +110,7 @@ access_allowed(
 	 * by ACL_WRITE checking as any found here are not provided
 	 * by the user
 	 */
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	if ( access >= ACL_WRITE && is_at_no_user_mod( desc->ad_type ) )
-#else
-	if ( access >= ACL_WRITE && oc_check_op_no_usermod_attr( attr ) )
-#endif
 	{
 		Debug( LDAP_DEBUG_ACL, "NoUserMod Operational attribute:"
 			" %s access granted\n",
@@ -232,11 +208,7 @@ acl_get(
    Backend		*be,
    Operation	*op,
    Entry		*e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	AttributeDescription *desc,
-#else
-    const char	*desc,
-#endif
    int			nmatch,
    regmatch_t	*matches )
 {
@@ -244,11 +216,7 @@ acl_get(
 	assert( e != NULL );
 	assert( count != NULL );

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	attr = desc ? desc->ad_cname->bv_val : NULL;
-#else
-	attr = desc;
-#endif

 	if( a == NULL ) {
 		if( be == NULL ) {
@@ -322,11 +290,7 @@ acl_mask(
    Connection	*conn,
    Operation	*op,
    Entry		*e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	AttributeDescription *desc,
-#else
-    const char	*desc,
-#endif
    struct berval	*val,
 	regmatch_t	*matches
 )
@@ -336,11 +300,7 @@ acl_mask(
 #ifdef LDAP_DEBUG
 	char accessmaskbuf[ACCESSMASK_MAXLEN];
 #endif
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	const char *attr = desc ? desc->ad_cname->bv_val : NULL;
-#else
-	const char *attr = desc;
-#endif

 	assert( a != NULL );
 	assert( mask != NULL );
@@ -449,13 +409,9 @@ acl_mask(
 		if ( b->a_dn_at != NULL && op->o_ndn != NULL ) {
 			Attribute	*at;
 			struct berval	bv;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 			int match;
 			const char *text;
 			const char *desc = b->a_dn_at->ad_cname->bv_val;
-#else
-			const char *desc = b->a_dn_at;
-#endif

 			Debug( LDAP_DEBUG_ACL, "<= check a_dn_at: %s\n",
 				b->a_dn_at, 0, 0);
@@ -464,7 +420,6 @@ acl_mask(
 			bv.bv_len = strlen( bv.bv_val );

 			/* see if asker is listed in dnattr */
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 			for( at = attrs_find( e->e_attrs, b->a_dn_at );
 				at == NULL;
 				at = attrs_find( e->e_attrs->a_next, b->a_dn_at ) )
@@ -493,24 +448,6 @@ acl_mask(
 			{
 				continue;
 			}
-#else
-			/* see if asker is listed in dnattr */
-			if ( (at = attr_find( e->e_attrs, b->a_dn_at )) != NULL &&
-				value_find( at->a_vals, &bv, at->a_syntax, 3 ) == 0 )
-			{
-				if ( b->a_dn_self && (val == NULL
-					|| value_cmp( &bv, val, at->a_syntax, 2 ) ) )
-				{
-					continue;
-				}
-
-			/* asker not listed in dnattr - check for self access */
-			} else if ( ! b->a_dn_self || val == NULL
-				|| value_cmp( &bv, val, at->a_syntax, 2 ) != 0 )
-			{
-				continue;
-			}
-#endif
 		}

 		if ( b->a_group_pat != NULL && op->o_ndn != NULL ) {
@@ -725,21 +662,12 @@ acl_check_modlist(
 		 * by ACL_WRITE checking as any found here are not provided
 		 * by the user
 		 */
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 		if ( is_at_no_user_mod( mlist->sml_desc->ad_type ) ) {
 			Debug( LDAP_DEBUG_ACL, "acl: no-user-mod %s:"
 				" modify access granted\n",
 				mlist->sml_desc->ad_cname->bv_val, 0, 0 );
 			continue;
 		}
-#else
-		if ( oc_check_op_no_usermod_attr( mlist->sml_type ) ) {
- 			Debug( LDAP_DEBUG_ACL, "acl: no-user-mod %s:"
-				" modify access granted\n",
-				mlist->sml_type, 0, 0 );
-			continue;
-		}
-#endif

 		switch ( mlist->sml_op ) {
 		case LDAP_MOD_REPLACE:
@@ -1019,14 +947,9 @@ aci_group_member (
 	char *subjdn, *grpdn = NULL;
 	char *grpoc;
 	char *grpat;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	ObjectClass *grp_oc = NULL;
 	AttributeDescription *grp_ad = NULL;
 	char *text;
-#else
-	char *grp_oc;
-	char *grp_ad;
-#endif
 	int rc;

 	/* format of string is "group/objectClassValue/groupAttrName" */
@@ -1051,15 +974,11 @@ aci_group_member (
 		grpat = aci_bvstrdup(&bv);
 	}

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	rc = slap_str2ad( grpat, &grp_ad, &text );
 	if( rc != LDAP_SUCCESS ) {
 		rc = 0;
 		goto done;
 	}
-#else
-	grp_ad = grpat;
-#endif
 	rc = 0;

 	grpdn = (char *)ch_malloc(1024);
@@ -1071,10 +990,8 @@ aci_group_member (
 		}
 	}

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 done:
 	if( grp_ad != NULL ) ad_free( grp_ad, 1 );
-#endif
 	ch_free(grpdn);
 	ch_free(grpat);
 	ch_free(grpoc);
@@ -1087,11 +1004,7 @@ aci_mask(
    Backend			*be,
    Operation		*op,
    Entry			*e,
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	AttributeDescription *desc,
-#else
-    const char		*attr,
-#endif
    struct berval	*val,
    struct berval	*aci,
 	regmatch_t		*matches,
@@ -1102,9 +1015,7 @@ aci_mask(
    struct berval bv, perms, sdn;
    char *subjdn;
 	int rc, i;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	char *attr;
-#endif

 	/* parse an aci of the form:
 		oid#scope#action;rights;attr;rights;attr$action;rights;attr;rights;attr#dnType#subjectDN
@@ -1163,7 +1074,6 @@ aci_mask(

 	} else if (aci_strbvcmp( "dnattr", &bv ) == 0) {
 		char *dnattr = aci_bvstrdup(&sdn);
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 		Attribute *at;
 		AttributeDescription *ad = NULL;
 		const char *text;
@@ -1193,19 +1103,6 @@ aci_mask(
 		ad_free( ad, 1 );
 		return rc;

-#else
-		Attribute *at;
-		at = attr_find( e->e_attrs, dnattr );
-		ch_free( dnattr );
-
-		if (at != NULL) {
-			bv.bv_val = op->o_ndn;
-			bv.bv_len = strlen( bv.bv_val );
-
-			if (value_find( at->a_vals, &bv, at->a_syntax, 3 ) == 0 )
-				return(1);
-		}
-#endif

 	} else if (aci_strbvcmp( "group", &bv ) == 0) {
 		if (aci_group_member(&sdn, SLAPD_GROUP_CLASS, SLAPD_GROUP_ATTR, be, e, op, matches))

--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@@ -95,10 +95,8 @@ parse_acl(
 	char		*left, *right;
 	AccessControl	*a;
 	Access	*b;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	int rc;
 	const char *text;
-#endif

 	a = NULL;
 	for ( i = 1; i < argc; i++ ) {
@@ -324,7 +322,6 @@ parse_acl(
 						acl_usage();
 					}

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 					rc = slap_str2ad( right, &b->a_dn_at, &text );

 					if( rc != LDAP_SUCCESS ) {
@@ -346,9 +343,6 @@ parse_acl(
 						acl_usage();
 					}

-#else
-					b->a_dn_at = ch_strdup( right );
-#endif
 					continue;
 				}

@@ -377,11 +371,7 @@ parse_acl(
 					b->a_group_pat = ch_strdup( right );

 					if (value && *value) {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 						b->a_group_oc = oc_find( value );
-#else
-						b->a_group_oc = ch_strdup(value);
-#endif
 						*--value = '/';

 						if( b->a_group_oc == NULL ) {
@@ -392,7 +382,6 @@ parse_acl(
 							acl_usage();
 						}
 					} else {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 						b->a_group_oc = oc_find(SLAPD_GROUP_CLASS);

 						if( b->a_group_oc == NULL ) {
@@ -402,12 +391,8 @@ parse_acl(
 								fname, lineno, SLAPD_GROUP_CLASS );
 							acl_usage();
 						}
-#else
-						b->a_group_oc = ch_strdup(SLAPD_GROUP_CLASS);
-#endif
 					}

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 #if 0
 					if( is_object_subclass( b->a_group_oc,
 						slap_schema.si_oc_referral ) )
@@ -428,11 +413,9 @@ parse_acl(
 							fname, lineno, value );
 						acl_usage();
 					}
-#endif
 #endif

 					if (name && *name) {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 						rc = slap_str2ad( right, &b->a_group_at, &text );

 						if( rc != LDAP_SUCCESS ) {
@@ -441,12 +424,8 @@ parse_acl(
 								fname, lineno, right, text );
 							acl_usage();
 						}
-#else
-						b->a_group_at = ch_strdup(name);
-#endif
 						*--name = '/';
 					} else {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 						rc = slap_str2ad( SLAPD_GROUP_ATTR, &b->a_group_at, &text );

 						if( rc != LDAP_SUCCESS ) {
@@ -455,12 +434,8 @@ parse_acl(
 								fname, lineno, SLAPD_GROUP_ATTR, text );
 							acl_usage();
 						}
-#else
-						b->a_group_at = ch_strdup( SLAPD_GROUP_ATTR );
-#endif
 					}

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 					if( !is_at_syntax( b->a_group_at->ad_type,
 						SLAPD_DN_SYNTAX ) )
 					{
@@ -494,7 +469,6 @@ parse_acl(
 							acl_usage();
 						}
 					}
-#endif
 					continue;
 				}

@@ -559,7 +533,6 @@ parse_acl(
 						acl_usage();
 					}

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 					if ( right != NULL && *right != '\0' ) {
 						rc = slap_str2ad( right, &b->a_aci_at, &text );

@@ -591,13 +564,6 @@ parse_acl(
 						acl_usage();
 					}

-#else
-					if ( right != NULL && *right != '\0' ) {
-						b->a_aci_at = ch_strdup( right );
-					} else {
-						b->a_aci_at = ch_strdup( SLAPD_ACI_ATTR );
-					}
-#endif
 					continue;
 				}
 #endif /* SLAPD_ACI_ENABLED */
@@ -1012,11 +978,7 @@ print_access( Access *b )
 	}

 	if ( b->a_dn_at != NULL ) {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 		fprintf( stderr, " dnattr=%s", b->a_dn_at->ad_cname->bv_val );
-#else
-		fprintf( stderr, " dnattr=%s", b->a_dn_at );
-#endif
 	}

 	if ( b->a_group_pat != NULL ) {
@@ -1026,11 +988,7 @@ print_access( Access *b )
 			fprintf( stderr, " objectClass: %s", b->a_group_oc );

 			if ( b->a_group_at ) {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 				fprintf( stderr, " attributeType: %s", b->a_group_at->ad_cname->bv_val );
-#else
-				fprintf( stderr, " attributeType: %s", b->a_group_at );
-#endif
 			}
 		}
    }
@@ -1053,11 +1011,7 @@ print_access( Access *b )

 #ifdef SLAPD_ACI_ENABLED
 	if ( b->a_aci_at != NULL ) {
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 		fprintf( stderr, " aci=%s", b->a_aci_at->ad_cname->bv_val );
-#else
-		fprintf( stderr, " aci=%s", b->a_aci_at );
-#endif
 	}
 #endif


--- a/servers/slapd/ad.c
+++ b/servers/slapd/ad.c
@@ -18,7 +18,6 @@
 #include "ldap_pvt.h"
 #include "slap.h"

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 AttributeDescription *ad_dup(
 	AttributeDescription *desc )
 {
@@ -243,5 +242,4 @@ int ad_inlist(
 	return 0;
 }

-#endif

--- a/servers/slapd/add.c
+++ b/servers/slapd/add.c
@@ -26,14 +26,10 @@
 #include "ldap_pvt.h"
 #include "slap.h"

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 static int slap_mods2entry(
 	Modifications *mods,
 	Entry **e,
 	const char **text );
-#else
-static int	add_created_attrs(Operation *op, Entry *e);
-#endif

 int
 do_add( Connection *conn, Operation *op )
@@ -44,11 +40,9 @@ do_add( Connection *conn, Operation *op )
 	ber_tag_t	tag;
 	Entry		*e;
 	Backend		*be;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	LDAPModList	*modlist = NULL;
 	LDAPModList	**modtail = &modlist;
 	Modifications *mods = NULL;
-#endif
 	const char *text;
 	int			rc = LDAP_SUCCESS;

@@ -98,12 +92,7 @@ do_add( Connection *conn, Operation *op )
 	for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT;
 	    tag = ber_next_element( ber, &len, last ) )
 	{
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 		LDAPModList *mod = (LDAPModList *) ch_malloc( sizeof(LDAPModList) );
-#else
-		LDAPModList tmpmod;
-		LDAPModList *mod = &tmpmod;
-#endif
 		mod->ml_op = LDAP_MOD_ADD;
 		mod->ml_next = NULL;

@@ -114,9 +103,7 @@ do_add( Connection *conn, Operation *op )
 			send_ldap_disconnect( conn, op,
 				LDAP_PROTOCOL_ERROR, "decoding error" );
 			rc = -1;
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 			free( mod );
-#endif
 			goto done;
 		}

@@ -126,21 +113,12 @@ do_add( Connection *conn, Operation *op )
 			send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
 				NULL, "no values for attribute type", NULL, NULL );
 			free( mod->ml_type );
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 			free( mod );
-#endif
 			goto done;
 		}

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 		*modtail = mod;
 		modtail = &mod->ml_next;
-#else
-		attr_merge( e, mod->ml_type, mod->ml_bvalues );
-
-		free( mod->ml_type );
-		ber_bvecfree( mod->ml_bvalues );
-#endif
 	}

 	if ( ber_scanf( ber, /*{*/ "}") == LBER_ERROR ) {
@@ -156,11 +134,7 @@ do_add( Connection *conn, Operation *op )
 		goto done;
 	} 

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	if ( modlist == NULL )
-#else
-	if ( e->e_attrs == NULL )
-#endif
 	{
 		send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
 			NULL, "no attributes provided", NULL, NULL );
@@ -218,7 +192,6 @@ do_add( Connection *conn, Operation *op )
 		{
 			int update = be->be_update_ndn != NULL;

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 			rc = slap_modlist2mods( modlist, update, &mods, &text );
 			if( rc != LDAP_SUCCESS ) {
 				send_ldap_result( conn, op, rc,
@@ -226,13 +199,11 @@ do_add( Connection *conn, Operation *op )
 				goto done;
 			}

-#endif
 #ifndef SLAPD_MULTIMASTER
 			if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED &&
 				global_lastmod == ON)) && !update )
 #endif
 			{
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 				Modifications **modstail;
 				for( modstail = &mods;
 					*modstail != NULL;
@@ -242,10 +213,6 @@ do_add( Connection *conn, Operation *op )
 					assert( (*modstail)->sml_desc != NULL );
 				}
 				rc = slap_mods_opattrs( op, modstail, &text );
-#else
-				char *text = "no-user-modification attribute type";
-				rc = add_created_attrs( op, e );
-#endif
 				if( rc != LDAP_SUCCESS ) {
 					send_ldap_result( conn, op, rc,
 						NULL, text, NULL, NULL );
@@ -253,14 +220,12 @@ do_add( Connection *conn, Operation *op )
 				}
 			}

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 			rc = slap_mods2entry( mods, &e, &text );
 			if( rc != LDAP_SUCCESS ) {
 				send_ldap_result( conn, op, rc,
 					NULL, text, NULL, NULL );
 				goto done;
 			}
-#endif

 			if ( (*be->be_add)( be, conn, op, e ) == 0 ) {
 #ifdef SLAPD_MULTIMASTER
@@ -287,14 +252,12 @@ do_add( Connection *conn, Operation *op )
 	}

 done:
-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 	if( modlist != NULL ) {
 		slap_modlist_free( modlist );
 	}
 	if( mods != NULL ) {
 		slap_mods_free( mods );
 	}
-#endif
 	if( e != NULL ) {
 		entry_free( e );
 	}
@@ -302,7 +265,6 @@ done:
 	return rc;
 }

-#ifdef SLAPD_SCHEMA_NOT_COMPAT
 static int slap_mods2entry(
 	Modifications *mods,
 	Entry **e,
@@ -342,51 +304,3 @@ static int slap_mods2entry(
 	return LDAP_SUCCESS;
 }

-#else
-static int
-add_created_attrs( Operation *op, Entry *e )
-{
-	char		buf[22];
-	struct berval	bv;
-	struct berval	*bvals[2];
-	Attribute	*a;
-	struct tm	*ltm;
-	time_t		currenttime;
-
-	Debug( LDAP_DEBUG_TRACE, "add_created_attrs\n", 0, 0, 0 );
-
-	bvals[0] = &bv;
-	bvals[1] = NULL;
-
-	/* return error on any attempts by the user to add these attrs */
-	for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
-		if ( oc_check_op_no_usermod_attr( a->a_type ) )	{
-			return LDAP_CONSTRAINT_VIOLATION;