Commit ceb6412e authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

More -DSLAPD_SCHEMA_NOT_COMPAT changes

Not hidden: "<anonymous>" modifiersname
parent 0dbaf877
......@@ -20,7 +20,7 @@ static AccessControl * acl_get(
Backend *be, Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeType *type,
AttributeDescription *desc,
#else
const char *attr,
#endif
......@@ -31,7 +31,7 @@ static slap_control_t acl_mask(
Backend *be, Connection *conn, Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeType *type,
AttributeDescription *desc,
#else
const char *attr,
#endif
......@@ -44,7 +44,7 @@ static int aci_mask(
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeType *type,
AttributeDescription *desc,
#else
const char *attr,
#endif
......@@ -87,7 +87,7 @@ access_allowed(
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeType *attr,
AttributeDescription *attr,
#else
const char *attr,
#endif
......@@ -128,7 +128,7 @@ access_allowed(
* by the user
*/
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( access >= ACL_WRITE && is_at_no_user_mod( attr ) )
if ( access >= ACL_WRITE && is_at_no_user_mod( attr->ad_type ) )
#else
if ( access >= ACL_WRITE && oc_check_op_no_usermod_attr( attr ) )
#endif
......@@ -230,13 +230,14 @@ acl_get(
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeType *attr,
AttributeDescription *desc,
#else
const char *attr,
const char *desc,
#endif
int nmatch,
regmatch_t *matches )
{
const char *attr;
assert( e != NULL );
assert( count != NULL );
......@@ -253,6 +254,12 @@ acl_get(
a = a->acl_next;
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
attr = desc->ad_cname->bv_val;
#else
attr = desc;
#endif
for ( ; a != NULL; a = a->acl_next ) {
(*count) ++;
......@@ -280,7 +287,7 @@ acl_get(
*count, attr, 0);
if ( attr == NULL || a->acl_attrs == NULL ||
charray_inlist( a->acl_attrs, attr ) )
ad_inlist( desc, a->acl_attrs ) )
{
Debug( LDAP_DEBUG_ACL,
"<= acl_get: [%d] acl %s attr: %s\n",
......@@ -313,7 +320,7 @@ acl_mask(
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeType *attr,
AttributeDescription *attr,
#else
const char *attr,
#endif
......@@ -681,7 +688,7 @@ acl_check_modlist(
#endif
}
for ( ; mlist != NULL; mlist = mlist->ml_next ) {
for ( ; mlist != NULL; mlist = mlist->sml_next ) {
/*
* no-user-modification operational attributes are ignored
* by ACL_WRITE checking as any found here are not provided
......@@ -690,23 +697,28 @@ acl_check_modlist(
#ifdef SLAPD_SCHEMA_NOT_COMPAT
/* not yet implemented */
#else
if ( oc_check_op_no_usermod_attr( mlist->ml_type ) ) {
if ( oc_check_op_no_usermod_attr( mlist->sml_type ) ) {
Debug( LDAP_DEBUG_ACL, "NoUserMod Operational attribute:"
" modify access granted\n",
mlist->ml_type, 0, 0 );
mlist->sml_type, 0, 0 );
continue;
}
#endif
switch ( mlist->ml_op ) {
switch ( mlist->sml_op ) {
case LDAP_MOD_REPLACE:
case LDAP_MOD_ADD:
if ( mlist->ml_bvalues == NULL ) {
if ( mlist->sml_bvalues == NULL ) {
break;
}
for ( i = 0; mlist->ml_bvalues[i] != NULL; i++ ) {
for ( i = 0; mlist->sml_bvalues[i] != NULL; i++ ) {
if ( ! access_allowed( be, conn, op, e,
mlist->ml_type, mlist->ml_bvalues[i],
ACL_WRITE ) )
#ifdef SLAPD_SCHEMA_NOT_COMPAT
&mlist->sml_desc,
#else
mlist->sml_type,
#endif
mlist->sml_bvalues[i], ACL_WRITE ) )
{
return( 0 );
}
......@@ -714,26 +726,33 @@ acl_check_modlist(
break;
case LDAP_MOD_DELETE:
if ( mlist->ml_bvalues == NULL ) {
if ( mlist->sml_bvalues == NULL ) {
if ( ! access_allowed( be, conn, op, e,
mlist->ml_type, NULL,
ACL_WRITE ) )
#ifdef SLAPD_SCHEMA_NOT_COMPAT
&mlist->sml_desc,
#else
mlist->sml_type,
#endif
NULL, ACL_WRITE ) )
{
return( 0 );
}
break;
}
for ( i = 0; mlist->ml_bvalues[i] != NULL; i++ ) {
for ( i = 0; mlist->sml_bvalues[i] != NULL; i++ ) {
if ( ! access_allowed( be, conn, op, e,
mlist->ml_type, mlist->ml_bvalues[i],
ACL_WRITE ) )
#ifdef SLAPD_SCHEMA_NOT_COMPAT
&mlist->sml_desc,
#else
mlist->sml_type,
#endif
mlist->sml_bvalues[i], ACL_WRITE ) )
{
return( 0 );
}
}
break;
}
#endif
}
return( 1 );
......@@ -1017,7 +1036,11 @@ aci_mask(
Backend *be,
Operation *op,
Entry *e,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc,
#else
const char *attr,
#endif
struct berval *val,
struct berval *aci,
regmatch_t *matches,
......@@ -1092,9 +1115,7 @@ aci_mask(
} else if (aci_strbvcmp( "dnattr", &bv ) == 0) {
Attribute *at;
char *attrname;
attrname = aci_bvstrdup(&sdn);
char *attrname = aci_bvstrdup(&sdn);
at = attr_find(e->e_attrs, attrname);
ch_free(attrname);
......
......@@ -217,7 +217,11 @@ attr_merge(
Attribute *
attr_find(
Attribute *a,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc
#else
const char *type
#endif
)
{
for ( ; a != NULL; a = a->a_next ) {
......@@ -243,7 +247,11 @@ attr_find(
int
attr_delete(
Attribute **attrs,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeDescription *desc
#else
const char *type
#endif
)
{
Attribute **a;
......
......@@ -86,8 +86,8 @@ index_add_mods(
{
int rc;
for ( ; ml != NULL; ml = ml->ml_next ) {
Modification *mod = &ml->ml_mod;
for ( ; ml != NULL; ml = ml->sml_next ) {
Modification *mod = &ml->sml_mod;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
/* not yet implemented */
......
......@@ -48,8 +48,8 @@ int ldbm_modify_internal(
save_attrs = e->e_attrs;
e->e_attrs = attrs_dup( e->e_attrs );
for ( ml = modlist; ml != NULL; ml = ml->ml_next ) {
mod = &ml->ml_mod;
for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
mod = &ml->sml_mod;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
switch ( mod->sm_op )
......@@ -129,8 +129,8 @@ int ldbm_modify_internal(
/* remove old indices */
if( save_attrs != NULL ) {
for ( ml = modlist; ml != NULL; ml = ml->ml_next ) {
mod = &ml->ml_mod;
for ( ml = modlist; ml != NULL; ml = ml->sml_next ) {
mod = &ml->sml_mod;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( mod->sm_op == LDAP_MOD_REPLACE )
#else
......
......@@ -619,7 +619,7 @@ backend_group(
const char *op_ndn,
const char *objectclassValue,
#ifdef SLAPD_SCHEMA_NOT_COMPAT
AttributeType *group_at
AttributeDescription *group_at
#else
const char *group_at
#endif
......
......@@ -197,7 +197,7 @@ test_ava_filter(
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( be != NULL && ! access_allowed( be, conn, op, e,
ava->aa_desc->ad_type->sat_cname, ava->aa_value, ACL_SEARCH ) )
ava->aa_desc, ava->aa_value, ACL_SEARCH ) )
#else
if ( be != NULL && ! access_allowed( be, conn, op, e,
......@@ -208,7 +208,7 @@ test_ava_filter(
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( (a = attr_find( e->e_attrs, ava->aa_desc->ad_cname->bv_val )) == NULL )
if ( (a = attr_find( e->e_attrs, ava->aa_desc )) == NULL )
#else
if ( (a = attr_find( e->e_attrs, ava->ava_type )) == NULL )
#endif
......@@ -286,7 +286,7 @@ test_presence_filter(
{
#ifdef SLAPD_SCHEMA_NOT_COMPAT
if ( be != NULL && ! access_allowed( be, conn, op, e,
desc->ad_type->sat_cname, NULL, ACL_SEARCH ) )
desc, NULL, ACL_SEARCH ) )
#else
if ( be != NULL && ! access_allowed( be, conn, op, e,
type, NULL, ACL_SEARCH ) )
......@@ -296,7 +296,7 @@ test_presence_filter(
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
return attr_find( e->e_attrs, desc->ad_cname->bv_val ) != NULL
return attr_find( e->e_attrs, desc ) != NULL
#else
return attr_find( e->e_attrs, type ) != NULL
#endif
......
......@@ -26,7 +26,7 @@
#include "ldap_pvt.h"
#include "slap.h"
static void modlist_free(Modifications *ml);
static void modlist_free(LDAPModList *ml);
static int add_modified_attrs( Operation *op, Modifications **modlist );
......@@ -40,8 +40,9 @@ do_modify(
char *last;
ber_tag_t tag;
ber_len_t len;
Modifications *modlist = NULL;
Modifications **modtail = &modlist;
LDAPModList *modlist = NULL;
LDAPModList **modtail = &modlist;
Modifications *mods = NULL;
#ifdef LDAP_DEBUG
Modifications *tmp;
#endif
......@@ -103,11 +104,8 @@ do_modify(
{
ber_int_t mop;
(*modtail) = (Modifications *) ch_calloc( 1, sizeof(Modifications) );
(*modtail) = (LDAPModList *) ch_calloc( 1, sizeof(LDAPModList) );
#ifdef SLAPD_SCHEMA_NOT_COMPAT
/* not yet implemented */
#else
if ( ber_scanf( op->o_ber, "{i{a[V]}}", &mop,
&(*modtail)->ml_type, &(*modtail)->ml_bvalues )
== LBER_ERROR )
......@@ -117,7 +115,6 @@ do_modify(
rc = -1;
goto cleanup;
}
#endif
(*modtail)->ml_op = mop;
......@@ -156,24 +153,33 @@ do_modify(
}
*modtail = NULL;
if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, "do_modify: get_ctrls failed\n", 0, 0, 0 );
goto cleanup;
}
#ifdef SLAPD_SCHEMA_NOT_COMPAT
/* not yet implemented */
#else
mods = modlist;
#endif
#ifdef LDAP_DEBUG
Debug( LDAP_DEBUG_ARGS, "modifications:\n", 0, 0, 0 );
for ( tmp = modlist; tmp != NULL; tmp = tmp->ml_next ) {
for ( tmp = mods; tmp != NULL; tmp = tmp->sml_next ) {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
char *type = tmp->sml_desc.ad_cname->bv_val;
#else
char *type = tmp->sml_type;
#endif
Debug( LDAP_DEBUG_ARGS, "\t%s: %s\n",
tmp->ml_op == LDAP_MOD_ADD
? "add" : (tmp->ml_op == LDAP_MOD_DELETE
? "delete" : "replace"), tmp->ml_type, 0 );
tmp->sml_op == LDAP_MOD_ADD
? "add" : (tmp->sml_op == LDAP_MOD_DELETE
? "delete" : "replace"), type, 0 );
}
#endif
#endif
if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, "do_modify: get_ctrls failed\n", 0, 0, 0 );
goto cleanup;
}
Statslog( LDAP_DEBUG_STATS, "conn=%ld op=%d MOD dn=\"%s\"\n",
op->o_connid, op->o_opid, dn, 0, 0 );
......@@ -228,7 +234,7 @@ do_modify(
if ( (be->be_lastmod == ON || (be->be_lastmod == UNDEFINED &&
global_lastmod == ON)) && be->be_update_ndn == NULL )
{
rc = add_modified_attrs( op, &modlist );
rc = add_modified_attrs( op, &mods );
if( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
......@@ -238,14 +244,14 @@ do_modify(
}
}
if ( (*be->be_modify)( be, conn, op, dn, ndn, modlist ) == 0
if ( (*be->be_modify)( be, conn, op, dn, ndn, mods ) == 0
#ifdef SLAPD_MULTIMASTER
&& ( be->be_update_ndn == NULL ||
strcmp( be->be_update_ndn, op->o_ndn ) != 0 )
#endif
) {
/* but we log only the ones not from a replicator user */
replog( be, op, dn, modlist );
replog( be, op, dn, mods );
}
#ifndef SLAPD_MULTIMASTER
......@@ -293,7 +299,7 @@ add_modified_attrs( Operation *op, Modifications **modlist )
}
if ( op->o_dn == NULL || op->o_dn[0] == '\0' ) {
bv.bv_val = "NULLDN";
bv.bv_val = "<anonymous>";
bv.bv_len = strlen( bv.bv_val );
} else {
bv.bv_val = op->o_dn;
......@@ -329,14 +335,11 @@ add_modified_attrs( Operation *op, Modifications **modlist )
static void
modlist_free(
Modifications *ml
LDAPModList *ml
)
{
Modifications *next;
LDAPModList *next;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
/* not yet implemented */
#else
for ( ; ml != NULL; ml = next ) {
next = ml->ml_next;
......@@ -348,5 +351,4 @@ modlist_free(
free( ml );
}
#endif
}
......@@ -39,7 +39,7 @@ LIBSLAPD_F (int) ad_inlist LDAP_P((
#if SLAPD_SCHEMA_NOT_COMPAT
LIBSLAPD_F (int) access_allowed LDAP_P((
Backend *be, Connection *conn, Operation *op,
Entry *e, AttributeDescription *type, struct berval *val,
Entry *e, AttributeDescription *desc, struct berval *val,
slap_access_t access ));
#else
LIBSLAPD_F (int) access_allowed LDAP_P((
......
......@@ -57,38 +57,38 @@ replog(
case LDAP_REQ_MODIFY:
fprintf( fp, "changetype: modify\n" );
ml = change;
for ( ; ml != NULL; ml = ml->ml_next ) {
for ( ; ml != NULL; ml = ml->sml_next ) {
#ifdef SLAPD_SCHEMA_NOT_COMPAT
/* not yet implemented */
#else
switch ( ml->ml_op ) {
switch ( ml->sml_op ) {
case LDAP_MOD_ADD:
fprintf( fp, "add: %s\n", ml->ml_type );
fprintf( fp, "add: %s\n", ml->sml_type );
break;
case LDAP_MOD_DELETE:
fprintf( fp, "delete: %s\n", ml->ml_type );
fprintf( fp, "delete: %s\n", ml->sml_type );
break;
case LDAP_MOD_REPLACE:
fprintf( fp, "replace: %s\n", ml->ml_type );
fprintf( fp, "replace: %s\n", ml->sml_type );
break;
}
for ( i = 0; ml->ml_bvalues != NULL &&
ml->ml_bvalues[i] != NULL; i++ ) {
for ( i = 0; ml->sml_bvalues != NULL &&
ml->sml_bvalues[i] != NULL; i++ ) {
char *buf, *bufp;
len = strlen( ml->ml_type );
len = strlen( ml->sml_type );
len = LDIF_SIZE_NEEDED( len,
ml->ml_bvalues[i]->bv_len ) + 1;
ml->sml_bvalues[i]->bv_len ) + 1;
buf = (char *) ch_malloc( len );
bufp = buf;
ldif_sput( &bufp, LDIF_PUT_VALUE,
ml->ml_type,
ml->ml_bvalues[i]->bv_val,
ml->ml_bvalues[i]->bv_len );
ml->sml_type,
ml->sml_bvalues[i]->bv_val,
ml->sml_bvalues[i]->bv_len );
*bufp = '\0';
fputs( buf, fp );
......
......@@ -481,19 +481,38 @@ typedef struct slap_mod {
#endif
typedef struct slap_mod_list {
Modification ml_mod;
Modification sml_mod;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
#define ml_op ml_mod.sm_op
#define ml_desc ml_mod.sm_desc
#define ml_bvalues ml_mod.sm_bvalues
#define sml_op sml_mod.sm_op
#define sml_desc sml_mod.sm_desc
#define sml_bvalues sml_mod.sm_bvalues
#else
#define sml_op sml_mod.mod_op
#define sml_type sml_mod.mod_type
#define sml_values sml_mod.mod_values
#define sml_bvalues sml_mod.mod_bvalues
#endif
struct slap_mod_list *sml_next;
} Modifications;
#ifdef SLAPD_SCHEMA_NOT_COMPAT
typedef struct slap_ldap_modlist {
LDAPMod ml_mod;
struct slap_ldap_modlist *ml_next;
#define ml_op ml_mod.mod_op
#define ml_type ml_mod.mod_type
#define ml_values ml_mod.mod_values
#define ml_bvalues ml_mod.mod_bvalues
} LDAPModList;
#else
#define LDAPModList Modifications
#define ml_mod sml_mod
#define ml_op sml_mod.mod_op
#define ml_type sml_mod.mod_type
#define ml_values sml_mod.mod_values
#define ml_bvalues sml_mod.mod_bvalues
#define ml_next sml_next
#endif
struct slap_mod_list *ml_next;
} Modifications;
/*
* represents an access control list
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment