Commit 693fb942 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT

parent dd00feb0
......@@ -14,12 +14,6 @@
/* end of preamble */
#if !defined(SLAPD_SCHEMA_COMPAT) && !defined(SLAPD_SCHEMA_NOT_COMPAT)
/* define SLAPD_SCHEMA_COMPAT if you want old schema codes */
#define SLAPD_SCHEMA_NOT_COMPAT 1
#endif
/* Define if on AIX 3.
System headers sometimes define this.
We just want to avoid a redefinition error message. */
......
......@@ -16,11 +16,6 @@
/* end of preamble */
#if !defined( SLAPD_SCHEMA_COMPAT ) && !defined( SLAPD_SCHEMA_NOT_COMPAT )
/* use new schema codes */
#define SLAPD_SCHEMA_NOT_COMPAT 1
#endif
/* comment this out if you don't have Cyrus SASL */
#define HAVE_CYRUS_SASL 1
......
......@@ -19,22 +19,14 @@ static AccessControl * acl_get(
AccessControl *ac, int *count,
Backend *be, Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc,
#else
const char *desc,
#endif
int nmatches, regmatch_t *matches );
static slap_control_t acl_mask(
AccessControl *ac, slap_access_mask_t *mask,
Backend *be, Connection *conn, Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc,
#else
const char *desc,
#endif
struct berval *val,
regmatch_t *matches );
......@@ -43,11 +35,7 @@ static int aci_mask(
Backend *be,
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc,
#else
const char *desc,
#endif
struct berval *val,
struct berval *aci,
regmatch_t *matches,
......@@ -83,11 +71,7 @@ access_allowed(
Connection *conn,
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc,
#else
const char *desc,
#endif
struct berval *val,
slap_access_t access )
{
......@@ -99,11 +83,7 @@ access_allowed(
slap_access_mask_t mask;
slap_control_t control;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
const char *attr = desc ? desc->ad_cname->bv_val : NULL;
#else
const char *attr = desc;
#endif
regmatch_t matches[MAXREMATCHES];
......@@ -130,11 +110,7 @@ access_allowed(
* by ACL_WRITE checking as any found here are not provided
* by the user
*/
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( access >= ACL_WRITE && is_at_no_user_mod( desc->ad_type ) )
#else
if ( access >= ACL_WRITE && oc_check_op_no_usermod_attr( attr ) )
#endif
{
Debug( LDAP_DEBUG_ACL, "NoUserMod Operational attribute:"
" %s access granted\n",
......@@ -232,11 +208,7 @@ acl_get(
Backend *be,
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc,
#else
const char *desc,
#endif
int nmatch,
regmatch_t *matches )
{
......@@ -244,11 +216,7 @@ acl_get(
assert( e != NULL );
assert( count != NULL );
#ifdef SLAPD_SCHEMA_NOT_COMPAT
attr = desc ? desc->ad_cname->bv_val : NULL;
#else
attr = desc;
#endif
if( a == NULL ) {
if( be == NULL ) {
......@@ -322,11 +290,7 @@ acl_mask(
Connection *conn,
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc,
#else
const char *desc,
#endif
struct berval *val,
regmatch_t *matches
)
......@@ -336,11 +300,7 @@ acl_mask(
#ifdef LDAP_DEBUG
char accessmaskbuf[ACCESSMASK_MAXLEN];
#endif
#ifdef SLAPD_SCHEMA_NOT_COMPAT
const char *attr = desc ? desc->ad_cname->bv_val : NULL;
#else
const char *attr = desc;
#endif
assert( a != NULL );
assert( mask != NULL );
......@@ -449,13 +409,9 @@ acl_mask(
if ( b->a_dn_at != NULL && op->o_ndn != NULL ) {
Attribute *at;
struct berval bv;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
int match;
const char *text;
const char *desc = b->a_dn_at->ad_cname->bv_val;
#else
const char *desc = b->a_dn_at;
#endif
Debug( LDAP_DEBUG_ACL, "<= check a_dn_at: %s\n",
b->a_dn_at, 0, 0);
......@@ -464,7 +420,6 @@ acl_mask(
bv.bv_len = strlen( bv.bv_val );
/* see if asker is listed in dnattr */
#ifdef SLAPD_SCHEMA_NOT_COMPAT
for( at = attrs_find( e->e_attrs, b->a_dn_at );
at == NULL;
at = attrs_find( e->e_attrs->a_next, b->a_dn_at ) )
......@@ -493,24 +448,6 @@ acl_mask(
{
continue;
}
#else
/* see if asker is listed in dnattr */
if ( (at = attr_find( e->e_attrs, b->a_dn_at )) != NULL &&
value_find( at->a_vals, &bv, at->a_syntax, 3 ) == 0 )
{
if ( b->a_dn_self && (val == NULL
|| value_cmp( &bv, val, at->a_syntax, 2 ) ) )
{
continue;
}
/* asker not listed in dnattr - check for self access */
} else if ( ! b->a_dn_self || val == NULL
|| value_cmp( &bv, val, at->a_syntax, 2 ) != 0 )
{
continue;
}
#endif
}
if ( b->a_group_pat != NULL && op->o_ndn != NULL ) {
......@@ -725,21 +662,12 @@ acl_check_modlist(
* by ACL_WRITE checking as any found here are not provided
* by the user
*/
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( is_at_no_user_mod( mlist->sml_desc->ad_type ) ) {
Debug( LDAP_DEBUG_ACL, "acl: no-user-mod %s:"
" modify access granted\n",
mlist->sml_desc->ad_cname->bv_val, 0, 0 );
continue;
}
#else
if ( oc_check_op_no_usermod_attr( mlist->sml_type ) ) {
Debug( LDAP_DEBUG_ACL, "acl: no-user-mod %s:"
" modify access granted\n",
mlist->sml_type, 0, 0 );
continue;
}
#endif
switch ( mlist->sml_op ) {
case LDAP_MOD_REPLACE:
......@@ -1019,14 +947,9 @@ aci_group_member (
char *subjdn, *grpdn = NULL;
char *grpoc;
char *grpat;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
ObjectClass *grp_oc = NULL;
AttributeDescription *grp_ad = NULL;
char *text;
#else
char *grp_oc;
char *grp_ad;
#endif
int rc;
/* format of string is "group/objectClassValue/groupAttrName" */
......@@ -1051,15 +974,11 @@ aci_group_member (
grpat = aci_bvstrdup(&bv);
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
rc = slap_str2ad( grpat, &grp_ad, &text );
if( rc != LDAP_SUCCESS ) {
rc = 0;
goto done;
}
#else
grp_ad = grpat;
#endif
rc = 0;
grpdn = (char *)ch_malloc(1024);
......@@ -1071,10 +990,8 @@ aci_group_member (
}
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
done:
if( grp_ad != NULL ) ad_free( grp_ad, 1 );
#endif
ch_free(grpdn);
ch_free(grpat);
ch_free(grpoc);
......@@ -1087,11 +1004,7 @@ aci_mask(
Backend *be,
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc,
#else
const char *attr,
#endif
struct berval *val,
struct berval *aci,
regmatch_t *matches,
......@@ -1102,9 +1015,7 @@ aci_mask(
struct berval bv, perms, sdn;
char *subjdn;
int rc, i;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
char *attr;
#endif
/* parse an aci of the form:
oid#scope#action;rights;attr;rights;attr$action;rights;attr;rights;attr#dnType#subjectDN
......@@ -1163,7 +1074,6 @@ aci_mask(
} else if (aci_strbvcmp( "dnattr", &bv ) == 0) {
char *dnattr = aci_bvstrdup(&sdn);
#ifdef SLAPD_SCHEMA_NOT_COMPAT
Attribute *at;
AttributeDescription *ad = NULL;
const char *text;
......@@ -1193,19 +1103,6 @@ aci_mask(
ad_free( ad, 1 );
return rc;
#else
Attribute *at;
at = attr_find( e->e_attrs, dnattr );
ch_free( dnattr );
if (at != NULL) {
bv.bv_val = op->o_ndn;
bv.bv_len = strlen( bv.bv_val );
if (value_find( at->a_vals, &bv, at->a_syntax, 3 ) == 0 )
return(1);
}
#endif
} else if (aci_strbvcmp( "group", &bv ) == 0) {
if (aci_group_member(&sdn, SLAPD_GROUP_CLASS, SLAPD_GROUP_ATTR, be, e, op, matches))
......
......@@ -95,10 +95,8 @@ parse_acl(
char *left, *right;
AccessControl *a;
Access *b;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
int rc;
const char *text;
#endif
a = NULL;
for ( i = 1; i < argc; i++ ) {
......@@ -324,7 +322,6 @@ parse_acl(
acl_usage();
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
rc = slap_str2ad( right, &b->a_dn_at, &text );
if( rc != LDAP_SUCCESS ) {
......@@ -346,9 +343,6 @@ parse_acl(
acl_usage();
}
#else
b->a_dn_at = ch_strdup( right );
#endif
continue;
}
......@@ -377,11 +371,7 @@ parse_acl(
b->a_group_pat = ch_strdup( right );
if (value && *value) {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
b->a_group_oc = oc_find( value );
#else
b->a_group_oc = ch_strdup(value);
#endif
*--value = '/';
if( b->a_group_oc == NULL ) {
......@@ -392,7 +382,6 @@ parse_acl(
acl_usage();
}
} else {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
b->a_group_oc = oc_find(SLAPD_GROUP_CLASS);
if( b->a_group_oc == NULL ) {
......@@ -402,12 +391,8 @@ parse_acl(
fname, lineno, SLAPD_GROUP_CLASS );
acl_usage();
}
#else
b->a_group_oc = ch_strdup(SLAPD_GROUP_CLASS);
#endif
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
#if 0
if( is_object_subclass( b->a_group_oc,
slap_schema.si_oc_referral ) )
......@@ -428,11 +413,9 @@ parse_acl(
fname, lineno, value );
acl_usage();
}
#endif
#endif
if (name && *name) {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
rc = slap_str2ad( right, &b->a_group_at, &text );
if( rc != LDAP_SUCCESS ) {
......@@ -441,12 +424,8 @@ parse_acl(
fname, lineno, right, text );
acl_usage();
}
#else
b->a_group_at = ch_strdup(name);
#endif
*--name = '/';
} else {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
rc = slap_str2ad( SLAPD_GROUP_ATTR, &b->a_group_at, &text );
if( rc != LDAP_SUCCESS ) {
......@@ -455,12 +434,8 @@ parse_acl(
fname, lineno, SLAPD_GROUP_ATTR, text );
acl_usage();
}
#else
b->a_group_at = ch_strdup( SLAPD_GROUP_ATTR );
#endif
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if( !is_at_syntax( b->a_group_at->ad_type,
SLAPD_DN_SYNTAX ) )
{
......@@ -494,7 +469,6 @@ parse_acl(
acl_usage();
}
}
#endif
continue;
}
......@@ -559,7 +533,6 @@ parse_acl(
acl_usage();
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( right != NULL && *right != '\0' ) {
rc = slap_str2ad( right, &b->a_aci_at, &text );
......@@ -591,13 +564,6 @@ parse_acl(
acl_usage();
}
#else
if ( right != NULL && *right != '\0' ) {
b->a_aci_at = ch_strdup( right );
} else {
b->a_aci_at = ch_strdup( SLAPD_ACI_ATTR );
}
#endif
continue;
}
#endif /* SLAPD_ACI_ENABLED */
......@@ -1012,11 +978,7 @@ print_access( Access *b )
}
if ( b->a_dn_at != NULL ) {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
fprintf( stderr, " dnattr=%s", b->a_dn_at->ad_cname->bv_val );
#else
fprintf( stderr, " dnattr=%s", b->a_dn_at );
#endif
}
if ( b->a_group_pat != NULL ) {
......@@ -1026,11 +988,7 @@ print_access( Access *b )
fprintf( stderr, " objectClass: %s", b->a_group_oc );
if ( b->a_group_at ) {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
fprintf( stderr, " attributeType: %s", b->a_group_at->ad_cname->bv_val );
#else
fprintf( stderr, " attributeType: %s", b->a_group_at );
#endif
}
}
}
......@@ -1053,11 +1011,7 @@ print_access( Access *b )
#ifdef SLAPD_ACI_ENABLED
if ( b->a_aci_at != NULL ) {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
fprintf( stderr, " aci=%s", b->a_aci_at->ad_cname->bv_val );
#else
fprintf( stderr, " aci=%s", b->a_aci_at );
#endif
}
#endif
......
......@@ -18,7 +18,6 @@
#include "ldap_pvt.h"
#include "slap.h"
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *ad_dup(
AttributeDescription *desc )
{
......@@ -243,5 +242,4 @@ int ad_inlist(
return 0;
}
#endif
......@@ -26,14 +26,10 @@
#include "ldap_pvt.h"
#include "slap.h"
#ifdef SLAPD_SCHEMA_NOT_COMPAT
static int slap_mods2entry(
Modifications *mods,
Entry **e,
const char **text );
#else
static int add_created_attrs(Operation *op, Entry *e);
#endif
int
do_add( Connection *conn, Operation *op )
......@@ -44,11 +40,9 @@ do_add( Connection *conn, Operation *op )
ber_tag_t tag;
Entry *e;
Backend *be;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
LDAPModList *modlist = NULL;
LDAPModList **modtail = &modlist;
Modifications *mods = NULL;
#endif
const char *text;
int rc = LDAP_SUCCESS;
......@@ -98,12 +92,7 @@ do_add( Connection *conn, Operation *op )
for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT;
tag = ber_next_element( ber, &len, last ) )
{
#ifdef SLAPD_SCHEMA_NOT_COMPAT
LDAPModList *mod = (LDAPModList *) ch_malloc( sizeof(LDAPModList) );
#else
LDAPModList tmpmod;
LDAPModList *mod = &tmpmod;
#endif
mod->ml_op = LDAP_MOD_ADD;
mod->ml_next = NULL;
......@@ -114,9 +103,7 @@ do_add( Connection *conn, Operation *op )
send_ldap_disconnect( conn, op,
LDAP_PROTOCOL_ERROR, "decoding error" );
rc = -1;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
free( mod );
#endif
goto done;
}
......@@ -126,21 +113,12 @@ do_add( Connection *conn, Operation *op )
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
NULL, "no values for attribute type", NULL, NULL );
free( mod->ml_type );
#ifdef SLAPD_SCHEMA_NOT_COMPAT
free( mod );
#endif
goto done;
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
*modtail = mod;
modtail = &mod->ml_next;
#else
attr_merge( e, mod->ml_type, mod->ml_bvalues );
free( mod->ml_type );
ber_bvecfree( mod->ml_bvalues );
#endif
}
if ( ber_scanf( ber, /*{*/ "}") == LBER_ERROR ) {
......@@ -156,11 +134,7 @@ do_add( Connection *conn, Operation *op )
goto done;
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( modlist == NULL )
#else
if ( e->e_attrs == NULL )
#endif
{
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
NULL, "no attributes provided", NULL, NULL );
......@@ -218,7 +192,6 @@ do_add( Connection *conn, Operation *op )
{
int update = be->be_update_ndn != NULL;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
rc = slap_modlist2mods( modlist, update, &mods, &text );
if( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
......@@ -226,13 +199,11 @@ do_add( Connection *conn, Operation *op )
goto done;
}
#endif
#ifndef SLAPD_MULTIMASTER
if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED &&
global_lastmod == ON)) && !update )
#endif
{
#ifdef SLAPD_SCHEMA_NOT_COMPAT
Modifications **modstail;
for( modstail = &mods;
*modstail != NULL;
......@@ -242,10 +213,6 @@ do_add( Connection *conn, Operation *op )
assert( (*modstail)->sml_desc != NULL );
}
rc = slap_mods_opattrs( op, modstail, &text );
#else
char *text = "no-user-modification attribute type";
rc = add_created_attrs( op, e );
#endif
if( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
NULL, text, NULL, NULL );
......@@ -253,14 +220,12 @@ do_add( Connection *conn, Operation *op )
}
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
rc = slap_mods2entry( mods, &e, &text );
if( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
NULL, text, NULL, NULL );
goto done;
}
#endif
if ( (*be->be_add)( be, conn, op, e ) == 0 ) {
#ifdef SLAPD_MULTIMASTER
......@@ -287,14 +252,12 @@ do_add( Connection *conn, Operation *op )
}
done:
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if( modlist != NULL ) {
slap_modlist_free( modlist );
}
if( mods != NULL ) {
slap_mods_free( mods );
}
#endif
if( e != NULL ) {
entry_free( e );
}
......@@ -302,7 +265,6 @@ done:
return rc;
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
static int slap_mods2entry(
Modifications *mods,
Entry **e,
......@@ -342,51 +304,3 @@ static int slap_mods2entry(
return LDAP_SUCCESS;
}
#else
static int
add_created_attrs( Operation *op, Entry *e )
{
char buf[22];
struct berval bv;
struct berval *bvals[2];
Attribute *a;
struct tm *ltm;
time_t currenttime;
Debug( LDAP_DEBUG_TRACE, "add_created_attrs\n", 0, 0, 0 );
bvals[0] = &bv;
bvals[1] = NULL;
/* return error on any attempts by the user to add these attrs */
for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
if ( oc_check_op_no_usermod_attr( a->a_type ) ) {
return LDAP_CONSTRAINT_VIOLATION;