Changes to 'refs/tags/389-admin-1.1.25'
by Richard Allen Megginson
Changes since 389-admin-1.1.11:
Endi S. Dewata (3):
Bug 573889 - Migration does not remove deprecated schema
Bug 644929 - FDS to 389 DS migration results in both Fedora and 389 entries
Bug 470576 - Migration could do addition checks before commiting actions
Nathan Kinder (42):
Bug 648949 - Merge selinux policy into base OS
Regenerated autoconf files
Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled
Bug 668950 - Add posix group support to Console
Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
Bug 618897 - Wrong permissions when creating instance from Console
Bug 493424 - remove unneeded modules for admin server apache config
Bug 614690 - Don't use exec to call genrb
Bug 699815 - (cov#10859) Add missing braces in mod_admserv code
Bug 699815 - (cov#10858) getenv() called twice in viewlog cgi
Bug 699815 - (cov#10849,10851) Remove unused variables
Bug 699907 - (cov#10844) Uninitialized time struct
Bug 699907 - (cov#10843) Use of uninitialized variable in logging code
Bug 699907 - (cov#10840) Use of uninitialized buffer in security cgi
Bug 699907 - (cov#10836) Use of uninitialized var in http conn code
Bug 699907 - (cov#10833) Use of uninitialized vars in SNMP code
Bug 700532 - (cov#10832) Incorrect if condition in dsalib
Bug 700875 - (cov#10778) Cleanup ds_bring_up_server_install() in dsalib
Bug 700890 - (cov#10812) Check return value of open() properly in libadmin
Bug 700948 - (cov#10846) - Use of uninitialized variable in mod_admserv
Bug 700948 - (cov#10845) Use of uninitialized variable in mod_admserv
Bug 700948 - (cov#10839) Use of uninitialized variable in security cgi
Bug 700948 - (cov#10837) Use of uninitialized variable in monreplication
Bug 700948 - (cov#10835) Use of unitialized pointer in config cgi
Bug 700948 - (cov#10813) dynamic overrun possibility in ds_listdb cgi
Bug 700948 - (cov#10842) Use of unintialized variable in statusping
Bug 700948 - (cov#10842) Use of unintialized variable in statusping
Bug 702150 - (cov#10823) File descriptors leaked in help cgi
Bug 702150 - (cov#10822,10821) file descriptor leaks in config cgi
Bug 702150 - (cov#10820,10819) file descriptor leaks in readlog cgi
Bug 702150 - leak of config array in dsalib
Bug 702150 - (cov#10816) file descriptor leak in dsalib
Bug 702150 - (cov#10817) Leak of string in libdsa
Bug 702150 - Resouce leaks in htmladmin.c
Bug 702705 - (cov#10830) NULL pointer dereference in htmladmin
Bug 702705 - NULL pointer dereferences in viewlog cgi
Bug 702705 - (cov#10803) NULL pointer dereference in security cgi
Bug 702705 - (cov#10785) NULL pointer dereference in ds_snmpctrl
Bug 702705 - (cov#10784,10783) NULL pointer dereferences in dsalib
Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
Bug 724808 - startup CGIs write temp file to /
Bug 730079 - Update SELinux policy during upgrades
Noriko Hosoi (12):
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
start-ds-admin.in -- replaced "return 1" with "exit 1"
Bug 616260 - libds-admin-serv linking fails due to unresolved link-time dependencies
Bug 618858 - move start-ds-admin env file into main admin server
Bug 387981 - plain files can be chosen on the Restore Directory dialog
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 245278 - Changing to a password with a single quote does not work
Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
Bug 158926 - Unable to install CA certificate when using
Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
Bug 476925 - Admin Server: Do not allow 8-bit passwords for
Rich Megginson (44):
bump version to 1.1.12.a1
initial support for openldap
add selinux policy for dsgw
skip LD_PRELOAD if using openldap
add more log information if nss init fails
add even more nss debugging
Bug 618454 - mod_admserv should only clear NSS caches and shutdown if NSS is initialized
bump version to 1.1.12.a2
fix building with mozldap
bump version to 1.1.12.a3
fix autotool build issues with properties files
setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error
Bug 656441 - Missing library path entry causes LD_PRELOAD error
bump version to 1.1.13
bump version to 1.1.14.a1
Bug 664671 - Admin server segfault when full SSL access (http+ldap+console) required
bump version to 1.1.14
bump version to 1.1.15
bump version to 1.1.16
Bug 703990 - Support upgrade from Red Hat Directory Server
bump version to 1.1.17
add support for different skins
skip rebranding current brand
bump version to 1.1.18
look for separate openldap ldif library
bump version to 1.1.19
Bug 710372 - Not able to open the Manage Certificate from DS-console
better NSS error handling - reduce memory leaks
fix typo in NSS_Shutdown warning message
added tests for the security cgi
Bug 713000 - Migration stops if old admin server cannot be stopped
Bug 718079 - Perl errors when running migrate-ds-admin.pl
Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts
bump version to 1.1.20
bump version to 1.1.21
handle binary upgrade
add man pages for ds_removal and ds_unregister
bump version to 1.1.22
fix binary paths
bump version to 1.1.23
bump version to 1.1.24
Bug 695741 - Providing native systemd file for upcoming F16 Feature Systemd
Bug 740959 - 389-console put CA certificates into wrong database
bump version to 1.1.25
---
Makefile.am | 104
Makefile.in | 1444
VERSION.sh | 4
aclocal.m4 | 6991 ---
admserv/cfgstuff/httpd-2.2.conf.in | 13
admserv/cfgstuff/httpd.conf.in | 2
admserv/cfgstuff/initconfig.in | 5
admserv/cfgstuff/start-ds-admin.in | 83
admserv/cgi-ds/ds_listdb.c | 26
admserv/cgi-ds/ds_snmpctrl.c | 5
admserv/cgi-src40/ReadLog.c | 18
admserv/cgi-src40/admlib.mk | 119
admserv/cgi-src40/admpw.c | 70
admserv/cgi-src40/cgicommon.h | 1
admserv/cgi-src40/cgicommon.properties | 3
admserv/cgi-src40/config.c | 20
admserv/cgi-src40/dllglue.c | 42
admserv/cgi-src40/ds_create.in | 6
admserv/cgi-src40/dsconfig.c | 9
admserv/cgi-src40/head.html | 1
admserv/cgi-src40/help.c | 15
admserv/cgi-src40/htmladmin.c | 677
admserv/cgi-src40/htmladmin.properties | 42
admserv/cgi-src40/monreplication.c | 6
admserv/cgi-src40/repl-monitor-cgi.pl.in | 37
admserv/cgi-src40/restartsrv.c | 8
admserv/cgi-src40/sec-activate.c | 21
admserv/cgi-src40/security.c | 196
admserv/cgi-src40/statpingserv.c | 15
admserv/cgi-src40/stopsrv.c | 5
admserv/cgi-src40/ugdsconfig.c | 38
admserv/cgi-src40/viewdata.c | 152
admserv/cgi-src40/viewdata.properties | 2
admserv/cgi-src40/viewlog.c | 66
admserv/cgi-src40/viewlog.properties | 6
admserv/genrb_wrapper.sh | 2
admserv/html/admserv.html.in | 11
admserv/html/htmladmin.html.in | 13
admserv/html/monreplication.html | 20
admserv/html/viewdata.html | 6
admserv/html/viewlog.html | 14
admserv/makeUpgradeTar.sh | 30
admserv/newinst/src/25changefedorato389.pl | 250
admserv/newinst/src/25rebrand.pl.in | 413
admserv/newinst/src/30updateglobalpref.pl.in | 9
admserv/newinst/src/AdminMigration.pm.in | 79
admserv/newinst/src/AdminServer.pm.in | 93
admserv/newinst/src/AdminUtil.pm.in | 78
admserv/newinst/src/ConfigDSDialogs.pm | 30
admserv/newinst/src/dirserver.map.in | 1
admserv/newinst/src/setup-ds-admin.res.in | 3
admserv/schema/ldif/02globalpreferences.ldif.tmpl | 49
admserv/schema/ldif/10dsdata.ldif.tmpl | 39
compile | 21
config.guess | 302
config.h.in | 24
config.sub | 232
configure |40598 ++++++++++------------
configure.ac | 106
depcomp | 172
include/libadmin/libadmin.h | 64
include/libdsa/dsalib.h | 13
install-sh | 517
lib/libadmin/dllglue.c | 77
lib/libadmin/httpcon.c | 2
lib/libadmin/referer.c | 4
lib/libadmin/template.c | 29
lib/libadmin/util.c | 738
lib/libdsa/dsalib_conf.c | 37
lib/libdsa/dsalib_confs.c | 77
lib/libdsa/dsalib_location.c | 46
lib/libdsa/dsalib_tailf.c | 1
lib/libdsa/dsalib_updown.c | 74
lib/libdsa/dsalib_util.c | 13
ltmain.sh |13199 +++----
m4/mozldap.m4 | 116
m4/openldap.m4 | 138
m4/selinux.m4 | 3
man/man8/ds_removal.8 | 54
man/man8/ds_unregister.8 | 48
man/man8/restart-ds-admin.8 | 10
man/man8/start-ds-admin.8 | 10
man/man8/stop-ds-admin.8 | 10
missing | 104
mod_admserv/mod_admserv.c | 178
mod_admserv/mod_admserv.h | 15
mod_restartd/mod_restartd-2.2.c | 2
selinux/dirsrv-admin.fc.in | 5
selinux/dirsrv-admin.te | 2
tests/ds_create/testget.1 | 2
tests/htmladmin/testget.2 | 2
tests/htmladmin/testget.3 | 2
tests/htmladmin/testget.4 | 2
tests/htmladmin/testget.5 | 2
tests/htmladmin/testget.6 | 2
tests/htmladmin/testget.7 | 2
tests/htmladmin/testget.8 | 2
tests/security/testpost.1 | 1
tests/security/testpost.10 | 1
tests/security/testpost.11 | 1
tests/security/testpost.12 | 1
tests/security/testpost.13 | 1
tests/security/testpost.14 | 1
tests/security/testpost.15 | 1
tests/security/testpost.16 | 1
tests/security/testpost.17 | 1
tests/security/testpost.18 | 1
tests/security/testpost.19 | 1
tests/security/testpost.2 | 1
tests/security/testpost.20 | 1
tests/security/testpost.21 | 1
tests/security/testpost.3 | 1
tests/security/testpost.4 | 1
tests/security/testpost.5 | 1
tests/security/testpost.6 | 1
tests/security/testpost.7 | 1
tests/security/testpost.8 | 1
tests/security/testpost.9 | 1
tests/setup.sh | 250
tests/ugdsconfig/testget.10 | 2
tests/viewdata/testget.2 | 2
tests/viewdata/testget.3 | 2
tests/viewdata/testget.4 | 2
tests/viewlog/testget.3 | 2
tests/viewlog/testget.4 | 2
wrappers/systemd.service.in | 24
126 files changed, 32883 insertions(+), 35873 deletions(-)
---
12 years, 6 months
Changes to 'refs/tags/389-admin-1.1.24'
by Richard Allen Megginson
Changes since 389-admin-1.1.11:
Endi S. Dewata (3):
Bug 573889 - Migration does not remove deprecated schema
Bug 644929 - FDS to 389 DS migration results in both Fedora and 389 entries
Bug 470576 - Migration could do addition checks before commiting actions
Nathan Kinder (42):
Bug 648949 - Merge selinux policy into base OS
Regenerated autoconf files
Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled
Bug 668950 - Add posix group support to Console
Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
Bug 618897 - Wrong permissions when creating instance from Console
Bug 493424 - remove unneeded modules for admin server apache config
Bug 614690 - Don't use exec to call genrb
Bug 699815 - (cov#10859) Add missing braces in mod_admserv code
Bug 699815 - (cov#10858) getenv() called twice in viewlog cgi
Bug 699815 - (cov#10849,10851) Remove unused variables
Bug 699907 - (cov#10844) Uninitialized time struct
Bug 699907 - (cov#10843) Use of uninitialized variable in logging code
Bug 699907 - (cov#10840) Use of uninitialized buffer in security cgi
Bug 699907 - (cov#10836) Use of uninitialized var in http conn code
Bug 699907 - (cov#10833) Use of uninitialized vars in SNMP code
Bug 700532 - (cov#10832) Incorrect if condition in dsalib
Bug 700875 - (cov#10778) Cleanup ds_bring_up_server_install() in dsalib
Bug 700890 - (cov#10812) Check return value of open() properly in libadmin
Bug 700948 - (cov#10846) - Use of uninitialized variable in mod_admserv
Bug 700948 - (cov#10845) Use of uninitialized variable in mod_admserv
Bug 700948 - (cov#10839) Use of uninitialized variable in security cgi
Bug 700948 - (cov#10837) Use of uninitialized variable in monreplication
Bug 700948 - (cov#10835) Use of unitialized pointer in config cgi
Bug 700948 - (cov#10813) dynamic overrun possibility in ds_listdb cgi
Bug 700948 - (cov#10842) Use of unintialized variable in statusping
Bug 700948 - (cov#10842) Use of unintialized variable in statusping
Bug 702150 - (cov#10823) File descriptors leaked in help cgi
Bug 702150 - (cov#10822,10821) file descriptor leaks in config cgi
Bug 702150 - (cov#10820,10819) file descriptor leaks in readlog cgi
Bug 702150 - leak of config array in dsalib
Bug 702150 - (cov#10816) file descriptor leak in dsalib
Bug 702150 - (cov#10817) Leak of string in libdsa
Bug 702150 - Resouce leaks in htmladmin.c
Bug 702705 - (cov#10830) NULL pointer dereference in htmladmin
Bug 702705 - NULL pointer dereferences in viewlog cgi
Bug 702705 - (cov#10803) NULL pointer dereference in security cgi
Bug 702705 - (cov#10785) NULL pointer dereference in ds_snmpctrl
Bug 702705 - (cov#10784,10783) NULL pointer dereferences in dsalib
Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
Bug 724808 - startup CGIs write temp file to /
Bug 730079 - Update SELinux policy during upgrades
Noriko Hosoi (12):
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
start-ds-admin.in -- replaced "return 1" with "exit 1"
Bug 616260 - libds-admin-serv linking fails due to unresolved link-time dependencies
Bug 618858 - move start-ds-admin env file into main admin server
Bug 387981 - plain files can be chosen on the Restore Directory dialog
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 245278 - Changing to a password with a single quote does not work
Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
Bug 158926 - Unable to install CA certificate when using
Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
Bug 476925 - Admin Server: Do not allow 8-bit passwords for
Rich Megginson (42):
bump version to 1.1.12.a1
initial support for openldap
add selinux policy for dsgw
skip LD_PRELOAD if using openldap
add more log information if nss init fails
add even more nss debugging
Bug 618454 - mod_admserv should only clear NSS caches and shutdown if NSS is initialized
bump version to 1.1.12.a2
fix building with mozldap
bump version to 1.1.12.a3
fix autotool build issues with properties files
setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error
Bug 656441 - Missing library path entry causes LD_PRELOAD error
bump version to 1.1.13
bump version to 1.1.14.a1
Bug 664671 - Admin server segfault when full SSL access (http+ldap+console) required
bump version to 1.1.14
bump version to 1.1.15
bump version to 1.1.16
Bug 703990 - Support upgrade from Red Hat Directory Server
bump version to 1.1.17
add support for different skins
skip rebranding current brand
bump version to 1.1.18
look for separate openldap ldif library
bump version to 1.1.19
Bug 710372 - Not able to open the Manage Certificate from DS-console
better NSS error handling - reduce memory leaks
fix typo in NSS_Shutdown warning message
added tests for the security cgi
Bug 713000 - Migration stops if old admin server cannot be stopped
Bug 718079 - Perl errors when running migrate-ds-admin.pl
Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts
bump version to 1.1.20
bump version to 1.1.21
handle binary upgrade
add man pages for ds_removal and ds_unregister
bump version to 1.1.22
fix binary paths
bump version to 1.1.23
bump version to 1.1.24
Bug 695741 - Providing native systemd file for upcoming F16 Feature Systemd
---
Makefile.am | 104
Makefile.in | 1444
VERSION.sh | 4
aclocal.m4 | 6991 ---
admserv/cfgstuff/httpd-2.2.conf.in | 13
admserv/cfgstuff/httpd.conf.in | 2
admserv/cfgstuff/initconfig.in | 5
admserv/cfgstuff/start-ds-admin.in | 83
admserv/cgi-ds/ds_listdb.c | 26
admserv/cgi-ds/ds_snmpctrl.c | 5
admserv/cgi-src40/ReadLog.c | 18
admserv/cgi-src40/admlib.mk | 119
admserv/cgi-src40/admpw.c | 70
admserv/cgi-src40/cgicommon.h | 1
admserv/cgi-src40/cgicommon.properties | 3
admserv/cgi-src40/config.c | 20
admserv/cgi-src40/dllglue.c | 42
admserv/cgi-src40/ds_create.in | 6
admserv/cgi-src40/dsconfig.c | 9
admserv/cgi-src40/head.html | 1
admserv/cgi-src40/help.c | 15
admserv/cgi-src40/htmladmin.c | 677
admserv/cgi-src40/htmladmin.properties | 42
admserv/cgi-src40/monreplication.c | 6
admserv/cgi-src40/repl-monitor-cgi.pl.in | 37
admserv/cgi-src40/restartsrv.c | 8
admserv/cgi-src40/sec-activate.c | 21
admserv/cgi-src40/security.c | 231
admserv/cgi-src40/statpingserv.c | 15
admserv/cgi-src40/stopsrv.c | 5
admserv/cgi-src40/ugdsconfig.c | 38
admserv/cgi-src40/viewdata.c | 152
admserv/cgi-src40/viewdata.properties | 2
admserv/cgi-src40/viewlog.c | 66
admserv/cgi-src40/viewlog.properties | 6
admserv/genrb_wrapper.sh | 2
admserv/html/admserv.html.in | 11
admserv/html/htmladmin.html.in | 13
admserv/html/monreplication.html | 20
admserv/html/viewdata.html | 6
admserv/html/viewlog.html | 14
admserv/makeUpgradeTar.sh | 30
admserv/newinst/src/25changefedorato389.pl | 250
admserv/newinst/src/25rebrand.pl.in | 413
admserv/newinst/src/30updateglobalpref.pl.in | 9
admserv/newinst/src/AdminMigration.pm.in | 79
admserv/newinst/src/AdminServer.pm.in | 93
admserv/newinst/src/AdminUtil.pm.in | 78
admserv/newinst/src/ConfigDSDialogs.pm | 30
admserv/newinst/src/dirserver.map.in | 1
admserv/newinst/src/setup-ds-admin.res.in | 3
admserv/schema/ldif/02globalpreferences.ldif.tmpl | 49
admserv/schema/ldif/10dsdata.ldif.tmpl | 39
compile | 21
config.guess | 302
config.h.in | 24
config.sub | 232
configure |40598 ++++++++++------------
configure.ac | 106
depcomp | 172
include/libadmin/libadmin.h | 64
include/libdsa/dsalib.h | 13
install-sh | 517
lib/libadmin/dllglue.c | 77
lib/libadmin/httpcon.c | 2
lib/libadmin/referer.c | 4
lib/libadmin/template.c | 29
lib/libadmin/util.c | 738
lib/libdsa/dsalib_conf.c | 37
lib/libdsa/dsalib_confs.c | 77
lib/libdsa/dsalib_location.c | 46
lib/libdsa/dsalib_tailf.c | 1
lib/libdsa/dsalib_updown.c | 74
lib/libdsa/dsalib_util.c | 13
ltmain.sh |13199 +++----
m4/mozldap.m4 | 116
m4/openldap.m4 | 138
m4/selinux.m4 | 3
man/man8/ds_removal.8 | 54
man/man8/ds_unregister.8 | 48
man/man8/restart-ds-admin.8 | 10
man/man8/start-ds-admin.8 | 10
man/man8/stop-ds-admin.8 | 10
missing | 104
mod_admserv/mod_admserv.c | 178
mod_admserv/mod_admserv.h | 15
mod_restartd/mod_restartd-2.2.c | 2
selinux/dirsrv-admin.fc.in | 5
selinux/dirsrv-admin.te | 2
tests/ds_create/testget.1 | 2
tests/htmladmin/testget.2 | 2
tests/htmladmin/testget.3 | 2
tests/htmladmin/testget.4 | 2
tests/htmladmin/testget.5 | 2
tests/htmladmin/testget.6 | 2
tests/htmladmin/testget.7 | 2
tests/htmladmin/testget.8 | 2
tests/security/testpost.1 | 1
tests/security/testpost.10 | 1
tests/security/testpost.11 | 1
tests/security/testpost.12 | 1
tests/security/testpost.13 | 1
tests/security/testpost.14 | 1
tests/security/testpost.15 | 1
tests/security/testpost.16 | 1
tests/security/testpost.17 | 1
tests/security/testpost.18 | 1
tests/security/testpost.19 | 1
tests/security/testpost.2 | 1
tests/security/testpost.20 | 1
tests/security/testpost.21 | 1
tests/security/testpost.3 | 1
tests/security/testpost.4 | 1
tests/security/testpost.5 | 1
tests/security/testpost.6 | 1
tests/security/testpost.7 | 1
tests/security/testpost.8 | 1
tests/security/testpost.9 | 1
tests/setup.sh | 250
tests/ugdsconfig/testget.10 | 2
tests/viewdata/testget.2 | 2
tests/viewdata/testget.3 | 2
tests/viewdata/testget.4 | 2
tests/viewlog/testget.3 | 2
tests/viewlog/testget.4 | 2
wrappers/systemd.service.in | 24
126 files changed, 32907 insertions(+), 35884 deletions(-)
---
12 years, 6 months
2 commits - admserv/cgi-src40 VERSION.sh
by Richard Allen Megginson
VERSION.sh | 2 -
admserv/cgi-src40/security.c | 45 +++++++++++++++----------------------------
2 files changed, 17 insertions(+), 30 deletions(-)
New commits:
commit f2e612472162f36f988ae63be8bb9bc78b85c8e3
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Oct 28 16:53:58 2011 -0600
bump version to 1.1.25
diff --git a/VERSION.sh b/VERSION.sh
index 214584d..699116d 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -11,7 +11,7 @@ vendorurl=http://port389.org
# PACKAGE_VERSION is constructed from these
VERSION_MAJOR=1
VERSION_MINOR=1
-VERSION_MAINT=24
+VERSION_MAINT=25
# if this is a PRERELEASE, set VERSION_PREREL
# otherwise, comment it out
# be sure to include the dot prefix in the prerel
commit 1897c5ba53d4e385f16c88a75c13f7fb7a24cd92
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Oct 28 15:33:06 2011 -0600
Bug 740959 - 389-console put CA certificates into wrong database
https://bugzilla.redhat.com/show_bug.cgi?id=740959
Resolves: bug 740959
Bug Description: 389-console put CA certificates into wrong database
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: Now that the openldap/NSS memory leaks have been fixed, we
do not need the workaround of using NSS_InitContext, which doesn't work
anyway for cert db management. The fix is to revert to the old behavior
of using NSS_Shutdown/NSS_Initialize so that we can be sure we are using
the correct NSS database.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/admserv/cgi-src40/security.c b/admserv/cgi-src40/security.c
index 883c067..31da45d 100644
--- a/admserv/cgi-src40/security.c
+++ b/admserv/cgi-src40/security.c
@@ -115,7 +115,6 @@ extern "C" {
int expired = 0;
CERTCertDBHandle *certdb = NULL;
char line[BIG_LINE];
-static NSSInitContext *secctx = NULL;
static char *securitydir; /* based on the sie - security dir for ds or as */
@@ -234,27 +233,16 @@ static char * getParameter(char *key, char *keyName) {
return get_cgi_var(key, getResourceString(DBT_PARAMETERMISSING), line);
}
-static void closeAllSecurityDB(int global) {
+static void closeAllSecurityDB() {
/* close all db */
if (NSS_IsInitialized()) {
SSL_ClearSessionCache();
}
- if (secctx) {
- if (NSS_ShutdownContext(secctx)) {
- PR_snprintf(line, sizeof(line), getResourceString(CMN_NSS_SHUTDOWN_ERROR),
- PR_GetError(),
- SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
- rpt_err(GENERAL_FAILURE, line, NULL, NULL);
- }
- secctx = NULL;
- }
- if (global) {
- if (NSS_Shutdown()) {
- PR_snprintf(line, sizeof(line), getResourceString(CMN_NSS_SHUTDOWN_ERROR),
- PR_GetError(),
- SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
- rpt_warning(GENERAL_FAILURE, line, NULL, NULL);
- }
+ if (NSS_Shutdown()) {
+ PR_snprintf(line, sizeof(line), getResourceString(CMN_NSS_SHUTDOWN_ERROR),
+ PR_GetError(),
+ SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
+ rpt_warning(GENERAL_FAILURE, line, NULL, NULL);
}
}
@@ -266,7 +254,7 @@ static void errorAllocateMem() {
}
static void errorRpt(int type, char* detailInfo) {
- closeAllSecurityDB(1);
+ closeAllSecurityDB();
rpt_err(type,
getResourceString(DBT_ERROR_OCCURED),
detailInfo,
@@ -274,7 +262,7 @@ static void errorRpt(int type, char* detailInfo) {
}
static void errorRptExtended(int type, char* detail, char* extra) {
- closeAllSecurityDB(1);
+ closeAllSecurityDB();
rpt_err(type,
getResourceString(DBT_ERROR_OCCURED),
detail,
@@ -1033,18 +1021,17 @@ static void setTrust(char *certFingerprint, int trust) {
static void securityInitialization(char* securitydir) {
PRUint32 flags = 0;
+ char *db_name;
int const minPwdLen = 8;
int const pwdRequired = 1;
- NSSInitParameters initParams;
- memset(&initParams, 0, sizeof(initParams));
- initParams.length = sizeof(initParams);
- initParams.dbTokenDescription = strdup("internal (software) ");
- initParams.minPWLen = minPwdLen;
- initParams.passwordRequired = pwdRequired;
+ /* PKSC11 module must be configured before NSS is initialized */
+ db_name = strdup("internal (software) ");
+ PK11_ConfigurePKCS11(NULL,NULL,NULL,db_name,NULL,NULL,NULL,NULL,
+ minPwdLen, pwdRequired);
/* init NSS */
- if (!(secctx = NSS_InitContext(securitydir, NULL, NULL, SECMOD_DB, &initParams, flags))) {
+ if (NSS_Initialize(securitydir, NULL, NULL, SECMOD_DB, flags)) {
PR_snprintf(line, sizeof(line), getResourceString(CMN_SSL_INIT_ERROR),
securitydir ? securitydir : "(null)", PR_GetError(),
SSL_Strerror(PR_GetError()) ? SSL_Strerror(PR_GetError()) : "unknown");
@@ -2140,7 +2127,7 @@ int main(int argc, char *argv[])
/* we got here, we think sie is a valid prefix */
/* close all db - we may have had to open the admin server key/cert db
in order to use LDAPS before - now have to shut down NSS and reinit */
- closeAllSecurityDB(0);
+ closeAllSecurityDB();
securityInitialization(securitydir);
if (!PORT_Strcmp(operation, "LIST_CERTIFICATE")) {
@@ -2262,7 +2249,7 @@ int main(int argc, char *argv[])
errorRpt(INCORRECT_USAGE, line);
}
/* close all db */
- closeAllSecurityDB(1);
+ closeAllSecurityDB();
}
}
12 years, 6 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/back-ldbm.h | 22 +++++++++++-----------
ldap/servers/slapd/back-ldbm/backentry.c | 2 +-
ldap/servers/slapd/back-ldbm/cache.c | 19 ++++++++++++++-----
ldap/servers/slapd/back-ldbm/id2entry.c | 1 -
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 6 ++----
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 6 ++----
ldap/servers/slapd/modify.c | 4 ++++
7 files changed, 34 insertions(+), 26 deletions(-)
New commits:
commit 9a9f93c0b47a1755fd1bb637f35a730108119779
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Oct 28 11:37:53 2011 -0700
Bug 745259 - Incorrect entryUSN index under high load
in replicated environment
https://bugzilla.redhat.com/show_bug.cgi?id=745259
Description:
. Changed the backend entry lock from PRLock to PRMonitor to
allow re-entrant locking. In ldbm_back_delete and ldbm_
back_modify, backend entry lock was released before calling
be_preop plugins and re-acquired just after that to avoid
the deadlock by the be_preop plugins called from the same
thread. The short no-lock window was the cause of the entry-
usn corruption. By replacing PRLock with the re-entrant
PRMonitor, we could eliminate the no-lock window.
. Cleaned up compiler warnings.
diff --git a/ldap/servers/slapd/back-ldbm/back-ldbm.h b/ldap/servers/slapd/back-ldbm/back-ldbm.h
index f5668d2..db0c833 100644
--- a/ldap/servers/slapd/back-ldbm/back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/back-ldbm.h
@@ -350,19 +350,19 @@ struct backcommon {
/* From ep_type through ep_size MUST be identical to backcommon */
struct backentry {
- int ep_type; /* to distinguish backdn from backentry */
- struct backcommon *ep_lrunext; /* for the cache */
- struct backcommon *ep_lruprev; /* for the cache */
- ID ep_id; /* entry id */
- char ep_state; /* state in the cache */
- int ep_refcnt; /* entry reference cnt */
+ int ep_type; /* to distinguish backdn from backentry */
+ struct backcommon *ep_lrunext; /* for the cache */
+ struct backcommon *ep_lruprev; /* for the cache */
+ ID ep_id; /* entry id */
+ char ep_state; /* state in the cache */
+ int ep_refcnt; /* entry reference cnt */
size_t ep_size; /* for cache tracking */
- Slapi_Entry *ep_entry; /* real entry */
+ Slapi_Entry *ep_entry; /* real entry */
Slapi_Entry *ep_vlventry;
- void * ep_dn_link; /* linkage for the 3 hash */
- void * ep_id_link; /* tables used for */
- void * ep_uuid_link; /* looking up entries */
- PRLock *ep_mutexp; /* protection for mods */
+ void * ep_dn_link; /* linkage for the 3 hash */
+ void * ep_id_link; /* tables used for */
+ void * ep_uuid_link; /* looking up entries */
+ PRMonitor *ep_mutexp; /* protection for mods; make it reentrant */
};
/* From ep_type through ep_size MUST be identical to backcommon */
diff --git a/ldap/servers/slapd/back-ldbm/backentry.c b/ldap/servers/slapd/back-ldbm/backentry.c
index c26f552..9fe6fb6 100644
--- a/ldap/servers/slapd/back-ldbm/backentry.c
+++ b/ldap/servers/slapd/back-ldbm/backentry.c
@@ -56,7 +56,7 @@ backentry_free( struct backentry **bep )
slapi_entry_free( ep->ep_entry );
}
if ( ep->ep_mutexp != NULL ) {
- PR_DestroyLock( ep->ep_mutexp );
+ PR_DestroyMonitor( ep->ep_mutexp );
}
slapi_ch_free( (void**)&ep );
*bep = NULL;
diff --git a/ldap/servers/slapd/back-ldbm/cache.c b/ldap/servers/slapd/back-ldbm/cache.c
index 3d09bb3..e2f1768 100644
--- a/ldap/servers/slapd/back-ldbm/cache.c
+++ b/ldap/servers/slapd/back-ldbm/cache.c
@@ -1437,19 +1437,28 @@ int cache_lock_entry(struct cache *cache, struct backentry *e)
if (! e->ep_mutexp) {
/* make sure only one thread does this */
PR_Lock(cache->c_emutexalloc_mutex);
- if (! e->ep_mutexp)
- e->ep_mutexp = PR_NewLock();
+ if (! e->ep_mutexp) {
+ e->ep_mutexp = PR_NewMonitor();
+ if (!e->ep_mutexp) {
+ LOG("<= cache_lock_entry (DELETED)\n", 0, 0, 0);
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "cache_lock_entry: failed to create a lock for %s\n",
+ backentry_get_ndn(e));
+ LOG("<= cache_lock_entry (FAILED)\n", 0, 0, 0);
+ return 1;
+ }
+ }
PR_Unlock(cache->c_emutexalloc_mutex);
}
/* wait on entry lock (done w/o holding the cache lock) */
- PR_Lock(e->ep_mutexp);
+ PR_EnterMonitor(e->ep_mutexp);
/* make sure entry hasn't been deleted now */
PR_Lock(cache->c_mutex);
if (e->ep_state & (ENTRY_STATE_DELETED|ENTRY_STATE_NOTINCACHE)) {
PR_Unlock(cache->c_mutex);
- PR_Unlock(e->ep_mutexp);
+ PR_ExitMonitor(e->ep_mutexp);
LOG("<= cache_lock_entry (DELETED)\n", 0, 0, 0);
return 1;
}
@@ -1463,7 +1472,7 @@ int cache_lock_entry(struct cache *cache, struct backentry *e)
void cache_unlock_entry(struct cache *cache, struct backentry *e)
{
LOG("=> cache_unlock_entry\n", 0, 0, 0);
- PR_Unlock(e->ep_mutexp);
+ PR_ExitMonitor(e->ep_mutexp);
}
/* DN cache */
diff --git a/ldap/servers/slapd/back-ldbm/id2entry.c b/ldap/servers/slapd/back-ldbm/id2entry.c
index bd51a7f..91a4ff0 100644
--- a/ldap/servers/slapd/back-ldbm/id2entry.c
+++ b/ldap/servers/slapd/back-ldbm/id2entry.c
@@ -95,7 +95,6 @@ id2entry_add_ext( backend *be, struct backentry *e, back_txn *txn, int encrypt
memset(&data, 0, sizeof(data));
if (entryrdn_get_switch())
{
- Slapi_Attr *eattr = NULL;
struct backdn *oldbdn = NULL;
Slapi_DN *sdn =
slapi_sdn_dup(slapi_entry_get_sdn_const(entry_to_use));
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index c1f1142..46bfcc3 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -210,11 +210,9 @@ ldbm_back_delete( Slapi_PBlock *pb )
goto error_return;
}
slapi_pblock_set(pb, SLAPI_RESULT_CODE, &ldap_result_code);
- /* have to unlock the entry here, in case the bepreop attempts
- to modify the same entry == deadlock */
- cache_unlock_entry( &inst->inst_cache, e );
+
rc = plugin_call_plugins(pb, SLAPI_PLUGIN_BE_PRE_DELETE_FN);
- cache_lock_entry( &inst->inst_cache, e );
+
if (rc == -1)
{
/*
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index 1a85e14..ba6527f 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -307,11 +307,9 @@ ldbm_back_modify( Slapi_PBlock *pb )
/* ec is the entry that our bepreop should get to mess with */
slapi_pblock_set( pb, SLAPI_MODIFY_EXISTING_ENTRY, ec->ep_entry );
slapi_pblock_set(pb, SLAPI_RESULT_CODE, &ldap_result_code);
- /* have to unlock the entry here, in case the bepreop attempts
- to modify the same entry == deadlock */
- cache_unlock_entry( &inst->inst_cache, e );
+
plugin_call_plugins(pb, SLAPI_PLUGIN_BE_PRE_MODIFY_FN);
- cache_lock_entry( &inst->inst_cache, e );
+
slapi_pblock_get(pb, SLAPI_RESULT_CODE, &ldap_result_code);
/* The Plugin may have messed about with some of the PBlock parameters... ie. mods */
slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods );
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 45e55b2..a0af006 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -75,7 +75,9 @@
/* Forward declarations */
static int modify_internal_pb (Slapi_PBlock *pb);
static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw);
+#if 0 /* not used */
static void remove_mod (Slapi_Mods *smods, const char *type, Slapi_Mods *smod_unhashed);
+#endif
static int op_shared_allow_pw_change (Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_Mods *smods);
static int hash_rootpw (LDAPMod **mods);
@@ -976,6 +978,7 @@ free_and_return:
}
}
+#if 0 /* not used */
static void remove_mod (Slapi_Mods *smods, const char *type, Slapi_Mods *smod_unhashed)
{
LDAPMod *mod;
@@ -991,6 +994,7 @@ static void remove_mod (Slapi_Mods *smods, const char *type, Slapi_Mods *smod_un
}
}
}
+#endif
static int op_shared_allow_pw_change (Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_Mods *smods)
{
12 years, 6 months
ldap/servers lib/libaccess
by Noriko Hosoi
ldap/servers/plugins/acctpolicy/acct_plugin.c | 11
ldap/servers/plugins/acl/acl.c | 46 -
ldap/servers/plugins/acl/acl.h | 2
ldap/servers/plugins/acl/acl_ext.c | 8
ldap/servers/plugins/acl/acleffectiverights.c | 30
ldap/servers/plugins/acl/acllas.c | 49 -
ldap/servers/plugins/acl/acllist.c | 43
ldap/servers/plugins/acl/aclparse.c | 20
ldap/servers/plugins/acl/aclplugin.c | 8
ldap/servers/plugins/automember/automember.c | 90 --
ldap/servers/plugins/chainingdb/cb_add.c | 29
ldap/servers/plugins/chainingdb/cb_bind.c | 61 -
ldap/servers/plugins/chainingdb/cb_compare.c | 46 -
ldap/servers/plugins/chainingdb/cb_controls.c | 6
ldap/servers/plugins/chainingdb/cb_delete.c | 43
ldap/servers/plugins/chainingdb/cb_instance.c | 24
ldap/servers/plugins/chainingdb/cb_modify.c | 55 -
ldap/servers/plugins/chainingdb/cb_modrdn.c | 92 +-
ldap/servers/plugins/chainingdb/cb_search.c | 120 +-
ldap/servers/plugins/chainingdb/cb_utils.c | 2
ldap/servers/plugins/cos/cos_cache.c | 660 +++++++--------
ldap/servers/plugins/dna/dna.c | 62 -
ldap/servers/plugins/linkedattrs/fixup_task.c | 16
ldap/servers/plugins/linkedattrs/linked_attrs.c | 48 -
ldap/servers/plugins/linkedattrs/linked_attrs.h | 2
ldap/servers/plugins/memberof/memberof.c | 23
ldap/servers/plugins/mep/mep.c | 167 +--
ldap/servers/plugins/pam_passthru/pam_passthru.h | 2
ldap/servers/plugins/pam_passthru/pam_ptconfig.c | 2
ldap/servers/plugins/pam_passthru/pam_ptimpl.c | 16
ldap/servers/plugins/pam_passthru/pam_ptpreop.c | 9
ldap/servers/plugins/passthru/passthru.h | 4
ldap/servers/plugins/passthru/ptbind.c | 6
ldap/servers/plugins/passthru/ptconn.c | 8
ldap/servers/plugins/passthru/ptpreop.c | 17
ldap/servers/plugins/referint/referint.c | 159 +--
ldap/servers/plugins/replication/cl4_api.c | 2
ldap/servers/plugins/replication/cl5_api.c | 80 -
ldap/servers/plugins/replication/cl5_test.c | 2
ldap/servers/plugins/replication/legacy_consumer.c | 14
ldap/servers/plugins/replication/repl.h | 2
ldap/servers/plugins/replication/repl5.h | 3
ldap/servers/plugins/replication/repl5_agmt.c | 15
ldap/servers/plugins/replication/repl5_agmtlist.c | 22
ldap/servers/plugins/replication/repl5_inc_protocol.c | 12
ldap/servers/plugins/replication/repl5_init.c | 4
ldap/servers/plugins/replication/repl5_mtnode_ext.c | 13
ldap/servers/plugins/replication/repl5_plugins.c | 2
ldap/servers/plugins/replication/repl5_replica.c | 26
ldap/servers/plugins/replication/repl5_replica_config.c | 14
ldap/servers/plugins/replication/repl5_updatedn_list.c | 2
ldap/servers/plugins/replication/repl_bind.c | 6
ldap/servers/plugins/replication/repl_compare.c | 17
ldap/servers/plugins/replication/repl_connext.c | 2
ldap/servers/plugins/replication/repl_extop.c | 25
ldap/servers/plugins/replication/replutil.c | 22
ldap/servers/plugins/replication/urp.c | 105 +-
ldap/servers/plugins/replication/urp.h | 2
ldap/servers/plugins/replication/urp_glue.c | 4
ldap/servers/plugins/replication/urp_tombstone.c | 6
ldap/servers/plugins/replication/windows_connection.c | 2
ldap/servers/plugins/replication/windows_private.c | 16
ldap/servers/plugins/replication/windows_protocol_util.c | 50 -
ldap/servers/plugins/retrocl/retrocl_po.c | 8
ldap/servers/plugins/roles/roles_cache.c | 10
ldap/servers/plugins/statechange/statechange.c | 19
ldap/servers/plugins/uiduniq/7bit.c | 41
ldap/servers/plugins/uiduniq/uid.c | 137 +--
ldap/servers/plugins/views/views.c | 11
ldap/servers/slapd/add.c | 64 -
ldap/servers/slapd/auditlog.c | 25
ldap/servers/slapd/auth.c | 40
ldap/servers/slapd/back-ldbm/ancestorid.c | 73 +
ldap/servers/slapd/back-ldbm/dblayer.c | 2
ldap/servers/slapd/back-ldbm/dn2entry.c | 27
ldap/servers/slapd/back-ldbm/findentry.c | 31
ldap/servers/slapd/back-ldbm/id2entry.c | 20
ldap/servers/slapd/back-ldbm/idl_common.c | 6
ldap/servers/slapd/back-ldbm/import-threads.c | 74 -
ldap/servers/slapd/back-ldbm/index.c | 2
ldap/servers/slapd/back-ldbm/instance.c | 1
ldap/servers/slapd/back-ldbm/ldbm_add.c | 61 -
ldap/servers/slapd/back-ldbm/ldbm_config.c | 30
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 16
ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c | 4
ldap/servers/slapd/back-ldbm/ldbm_instance_config.c | 21
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 2
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 125 +-
ldap/servers/slapd/back-ldbm/ldbm_search.c | 87 +
ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 53 -
ldap/servers/slapd/back-ldbm/misc.c | 3
ldap/servers/slapd/back-ldbm/vlv_srch.c | 2
ldap/servers/slapd/bind.c | 79 -
ldap/servers/slapd/bulk_import.c | 39
ldap/servers/slapd/charray.c | 21
ldap/servers/slapd/compare.c | 36
ldap/servers/slapd/delete.c | 77 -
ldap/servers/slapd/dn.c | 403 ++++++---
ldap/servers/slapd/dse.c | 98 --
ldap/servers/slapd/entry.c | 203 ++--
ldap/servers/slapd/extendop.c | 21
ldap/servers/slapd/fedse.c | 2
ldap/servers/slapd/libglobs.c | 5
ldap/servers/slapd/main.c | 16
ldap/servers/slapd/mapping_tree.c | 82 +
ldap/servers/slapd/modify.c | 126 +-
ldap/servers/slapd/modrdn.c | 254 +++--
ldap/servers/slapd/modutil.c | 17
ldap/servers/slapd/operation.c | 25
ldap/servers/slapd/opshared.c | 123 +-
ldap/servers/slapd/passwd_extop.c | 152 +--
ldap/servers/slapd/pblock.c | 120 ++
ldap/servers/slapd/plugin.c | 80 -
ldap/servers/slapd/plugin_acl.c | 19
ldap/servers/slapd/plugin_internal_op.c | 131 +-
ldap/servers/slapd/plugin_syntax.c | 10
ldap/servers/slapd/proto-slap.h | 2
ldap/servers/slapd/proxyauth.c | 15
ldap/servers/slapd/psearch.c | 64 -
ldap/servers/slapd/pw.c | 41
ldap/servers/slapd/pw_mgmt.c | 16
ldap/servers/slapd/pw_retry.c | 51 -
ldap/servers/slapd/rdn.c | 23
ldap/servers/slapd/referral.c | 25
ldap/servers/slapd/result.c | 10
ldap/servers/slapd/saslbind.c | 25
ldap/servers/slapd/search.c | 42
ldap/servers/slapd/slap.h | 5
ldap/servers/slapd/slapi-plugin.h | 254 +++++
ldap/servers/slapd/slapi-private.h | 11
ldap/servers/slapd/task.c | 32
ldap/servers/slapd/tools/ldclt/ldapfct.c | 5
ldap/servers/slapd/util.c | 49 -
ldap/servers/slapd/uuid.c | 3
ldap/servers/slapd/value.c | 27
lib/libaccess/lasdns.cpp | 8
136 files changed, 3483 insertions(+), 2815 deletions(-)
New commits:
commit f6397113666f06848412bb12f754f04258cfa5fa
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Wed Oct 19 16:51:48 2011 -0700
Reduce the number of DN normalization
. Adding SLAPI_TARGET_SDN as well as its macros, SLAPI_SEARCH_TARGET_
SDN SLAPI_ADD_TARGET_SDN, SLAPI_MODIFY_TARGET_SDN, etc.
. Adding SLAPI_MODRDN_NEWSUPERIOR_SDN.
. SLAPI_TARGET_DN and SLAPI_MODRDN_NEWSUPERIOR are kept for the back-
ward compatibility. But they are marked as deprecated. They are
pointing dn in SLAPI_TARGET_SDN and SLAPI_MODRDN_NEWSUPERIOR_SDN,
respectively.
. slapi_pblock_set(.., SLAPI_TARGET_DN/SLAPI_MODRDN_NEWSUPERIOR, dn)
takes dn string and reset Slapi_DN to SLAPI_TARGET_SDN/SLAPI_MODRDN_
NEWSUPERIOR_SDN.
. slapi_pblock_get(.., SLAPI_TARGET_DN/SLAPI_MODRDN_NEWSUPERIOR, &dn)
retrieves dn out of SLAPI_TARGET_SDN/SLAPI_MODRDN_NEWSUPERIOR_SDN.
. Replacing slapi_dn_normalization_ext call with generating Slapi_DN
APIs (e.g., slapi_sdn_new_dn_...) as much as possible and stash it
in pblock using SLAPI_TARGET_SDN.
. When a normalized DN string is needed, get it using slapi_sdn_get_[n]dn
from the stashed Slapi_DN.
. Introduced a new field "udn" to Slapi_DN.
"udn" is an original DN.
"dn" is its normalized DN.
"ndn" is its case-lowered normalized DN.
Note: slapi_sdn_get_ndn_len represents the length of the normalized
DN, which is "dn" as well as "ndn". Thus, instead of calling strlen
for the normalized dn, using slapi_sdn_get_ndn_len, as much as possible.
. Taking advantage of the knowledge of the stage of the DN, call the
most efficient DN creating API (e.g., slapi_sdn_new_dn_... vs.
slapi_sdn_new_normdn_... vs. slapi_sdn_new_ndn_...)
Others
. Replacing inefficient array assignment with memset (acl.c) and
memcpy (idl_common.c).
. Fixing invalid memory access in LASDnsBuild (lib/libaccess/lasdns.cpp).
. Fixing compiler warnings.
Reviewed by rmeggins(a)redhat.com (Thank you, Rich!!)
diff --git a/ldap/servers/plugins/acctpolicy/acct_plugin.c b/ldap/servers/plugins/acctpolicy/acct_plugin.c
index 6d9edb3..5969bec 100644
--- a/ldap/servers/plugins/acctpolicy/acct_plugin.c
+++ b/ldap/servers/plugins/acctpolicy/acct_plugin.c
@@ -32,7 +32,7 @@ Hewlett-Packard Development Company, L.P.
login time plus the limit to decide whether to deny the bind.
*/
static int
-acct_inact_limit( Slapi_PBlock *pb, char *dn, Slapi_Entry *target_entry, acctPolicy *policy )
+acct_inact_limit( Slapi_PBlock *pb, const char *dn, Slapi_Entry *target_entry, acctPolicy *policy )
{
char *lasttimestr = NULL;
time_t lim_t, last_t, cur_t;
@@ -153,7 +153,7 @@ done:
int
acct_bind_preop( Slapi_PBlock *pb )
{
- char *dn = NULL;
+ const char *dn = NULL;
Slapi_DN *sdn = NULL;
Slapi_Entry *target_entry = NULL;
int rc = 0; /* Optimistic default */
@@ -167,20 +167,19 @@ acct_bind_preop( Slapi_PBlock *pb )
plugin_id = get_identity();
/* This does not give a copy, so don't free it */
- if( slapi_pblock_get( pb, SLAPI_BIND_TARGET, &dn ) != 0 ) {
+ if( slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &sdn ) != 0 ) {
slapi_log_error( SLAPI_LOG_FATAL, PRE_PLUGIN_NAME,
"Error retrieving target DN\n" );
rc = -1;
goto done;
}
+ dn = slapi_sdn_get_dn(sdn);
/* The plugin wouldn't get called for anonymous binds but let's check */
if ( dn == NULL ) {
goto done;
}
- sdn = slapi_sdn_new_dn_byref( dn );
-
ldrc = slapi_search_internal_get_entry( sdn, NULL, &target_entry,
plugin_id );
@@ -222,8 +221,6 @@ done:
slapi_entry_free( target_entry );
- slapi_sdn_free( &sdn );
-
free_acctpolicy( &policy );
slapi_log_error( SLAPI_LOG_PLUGIN, PRE_PLUGIN_NAME,
diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c
index 657c5ec..0ae1a24 100644
--- a/ldap/servers/plugins/acl/acl.c
+++ b/ldap/servers/plugins/acl/acl.c
@@ -95,8 +95,8 @@ static void print_access_control_summary( char * source,
char *attr,
const char *edn,
aclResultReason_t *acl_reason);
-static int check_rdn_access( Slapi_PBlock *pb,Slapi_Entry *e, char * newrdn,
- int access);
+static int check_rdn_access( Slapi_PBlock *pb, Slapi_Entry *e,
+ const char * newrdn, int access);
/*
@@ -117,7 +117,9 @@ acl_access_allowed_modrdn(
)
{
int retCode ;
- char *newrdn, *oldrdn;
+ char *newrdn;
+ const char *oldrdn;
+ Slapi_DN *target_sdn = NULL;
int deleteoldrdn = 0;
/*
@@ -134,9 +136,8 @@ acl_access_allowed_modrdn(
}
/* Now get the new rdn attribute name and value */
-
- slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &oldrdn );
- slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
+ slapi_pblock_get( pb, SLAPI_MODRDN_TARGET_SDN, &target_sdn );
+ slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
/* Check can add the new naming attribute */
retCode = check_rdn_access( pb, e, newrdn, ACLPB_SLAPI_ACL_WRITE_ADD) ;
@@ -149,6 +150,7 @@ acl_access_allowed_modrdn(
/* Check can delete the new naming attribute--if required */
slapi_pblock_get( pb, SLAPI_MODRDN_DELOLDRDN, &deleteoldrdn );
if ( deleteoldrdn ) {
+ oldrdn = slapi_sdn_get_dn(target_sdn);
retCode = check_rdn_access( pb, e, oldrdn, ACLPB_SLAPI_ACL_WRITE_DEL) ;
if ( retCode != LDAP_SUCCESS ) {
slapi_log_error( SLAPI_LOG_ACL, plugin_name,
@@ -164,7 +166,7 @@ acl_access_allowed_modrdn(
* Test if have access to make the first rdn of dn in entry e.
*/
-static int check_rdn_access( Slapi_PBlock *pb, Slapi_Entry *e, char *dn,
+static int check_rdn_access( Slapi_PBlock *pb, Slapi_Entry *e, const char *dn,
int access) {
char **dns;
@@ -320,7 +322,7 @@ acl_access_allowed(
TNF_PROBE_0_DEBUG(acl_skipaccess_end,"ACL","");
- /* Get the bindDN */
+ /* Get the bindDN (normalized & case-ignored) */
slapi_pblock_get ( pb, SLAPI_REQUESTOR_DN, &clientDn );
/* Initialize aclpb */
@@ -486,7 +488,7 @@ acl_access_allowed(
TNF_PROBE_0_DEBUG(acl_aciscan_start,"ACL","");
slapi_sdn_done ( aclpb->aclpb_curr_entry_sdn );
- slapi_sdn_set_dn_byval ( aclpb->aclpb_curr_entry_sdn, n_edn );
+ slapi_sdn_set_ndn_byval ( aclpb->aclpb_curr_entry_sdn, n_edn );
acllist_aciscan_update_scan ( aclpb, n_edn );
TNF_PROBE_0_DEBUG(acl_aciscan_end,"ACL","");
@@ -1064,16 +1066,14 @@ acl_read_access_allowed_on_entry (
* which was found in the entry and that attribute is
* now in aclpb_Evalattr
*/
- aclpb->aclpb_state |=
- ACLPB_ACCESS_ALLOWED_USERATTR;
+ aclpb->aclpb_state |= ACLPB_ACCESS_ALLOWED_USERATTR;
} else {
#endif /* DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES */
/*
* Access was granted to _an_ attribute in the entry and that
* attribute is now in aclpb_Evalattr
*/
- aclpb->aclpb_state |=
- ACLPB_ACCESS_ALLOWED_ON_A_ATTR;
+ aclpb->aclpb_state |= ACLPB_ACCESS_ALLOWED_ON_A_ATTR;
#ifdef DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES
}
#endif /* DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES */
@@ -1084,8 +1084,8 @@ acl_read_access_allowed_on_entry (
} else {
/* try the next one */
attr_type = NULL;
-#ifdef DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES
- if (attr_index >= 0) {
+#ifdef DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES
+ if (attr_index >= 0) {
attr_type = attrs[attr_index++];
} else {
#endif /* DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES */
@@ -1546,7 +1546,7 @@ acl_modified (Slapi_PBlock *pb, int optype, char *n_dn, void *change)
Slapi_DN *e_sdn;
aclUserGroup *ugroup = NULL;
- e_sdn = slapi_sdn_new_ndn_byval ( n_dn );
+ e_sdn = slapi_sdn_new_normdn_byval ( n_dn );
/* Before we proceed, Let's first check if we are changing any groups.
** If we are, then we need to change the signature
*/
@@ -1836,7 +1836,6 @@ acl__scan_for_acis(Acl_PBlock *aclpb, int *err)
int allow_handle;
int gen_allow_handle = ACI_MAX_ELEVEL+1;
int gen_deny_handle = ACI_MAX_ELEVEL+1;
- int i;
PRUint32 cookie;
TNF_PROBE_0_DEBUG(acl__scan_for_acis_start,"ACL","");
@@ -1849,20 +1848,18 @@ acl__scan_for_acis(Acl_PBlock *aclpb, int *err)
aclpb->aclpb_handles_index[0] != -1 ) {
int kk = 0;
while ( kk < ACLPB_MAX_SELECTED_ACLS && aclpb->aclpb_handles_index[kk] != -1 ) {
- slapi_log_error(SLAPI_LOG_ACL, plugin_name, "Using ACL Cointainer:%d for evaluation\n", kk);
+ slapi_log_error(SLAPI_LOG_ACL, plugin_name, "Using ACL Container:%d for evaluation\n", kk);
kk++;
}
}
-
+
memset (&errp, 0, sizeof(NSErr_t));
*err = ACL_FALSE;
aclpb->aclpb_num_deny_handles = -1;
aclpb->aclpb_num_allow_handles = -1;
- for (i=0; i <= ACI_MAX_ELEVEL; i++) {
- aclpb->aclpb_deny_handles [i] = NULL;
- aclpb->aclpb_allow_handles [i] = NULL;
- }
-
+ memset(aclpb->aclpb_deny_handles, 0, sizeof(aci_t *)*(ACI_MAX_ELEVEL+1));
+ memset(aclpb->aclpb_allow_handles, 0, sizeof(aci_t *)*(ACI_MAX_ELEVEL+1));
+
/* Check the signature. If it has changed, start fresh */
if ( aclpb->aclpb_signature != acl_signature ) {
slapi_log_error (SLAPI_LOG_ACL, plugin_name,
@@ -1873,7 +1870,6 @@ acl__scan_for_acis(Acl_PBlock *aclpb, int *err)
attr_matched = ACL_FALSE;
deny_handle = 0;
allow_handle = 0;
- i = 0;
aclpb->aclpb_stat_acllist_scanned++;
aci = acllist_get_first_aci ( aclpb, &cookie );
diff --git a/ldap/servers/plugins/acl/acl.h b/ldap/servers/plugins/acl/acl.h
index 0d97769..8747de1 100644
--- a/ldap/servers/plugins/acl/acl.h
+++ b/ldap/servers/plugins/acl/acl.h
@@ -838,7 +838,7 @@ void aclutil_print_resource( struct acl_pblock *aclpb, char *right , char *attr
char * aclutil_expand_paramString ( char *str, Slapi_Entry *e );
-void acllist_init_scan (Slapi_PBlock *pb, int scope, char *base);
+void acllist_init_scan (Slapi_PBlock *pb, int scope, const char *base);
aci_t * acllist_get_first_aci (Acl_PBlock *aclpb, PRUint32 *cookie );
aci_t * acllist_get_next_aci ( Acl_PBlock *aclpb, aci_t *curraci, PRUint32 *cookie );
aci_t * acllist_get_aci_new ();
diff --git a/ldap/servers/plugins/acl/acl_ext.c b/ldap/servers/plugins/acl/acl_ext.c
index 61d8dd1..df7d1ed 100644
--- a/ldap/servers/plugins/acl/acl_ext.c
+++ b/ldap/servers/plugins/acl/acl_ext.c
@@ -658,7 +658,7 @@ error:
/* Initializes the aclpb */
void
-acl_init_aclpb ( Slapi_PBlock *pb , Acl_PBlock *aclpb, const char *dn, int copy_from_aclcb)
+acl_init_aclpb ( Slapi_PBlock *pb , Acl_PBlock *aclpb, const char *ndn, int copy_from_aclcb)
{
struct acl_cblock *aclcb = NULL;
char *authType;
@@ -685,8 +685,8 @@ acl_init_aclpb ( Slapi_PBlock *pb , Acl_PBlock *aclpb, const char *dn, int copy_
aclpb->aclpb_state = ACLPB_INITIALIZED;
/* We make an anonymous user a non null dn which is empty */
- if (dn && *dn != '\0' )
- slapi_sdn_set_ndn_byval ( aclpb->aclpb_authorization_sdn, dn );
+ if (ndn && *ndn != '\0' )
+ slapi_sdn_set_ndn_byval ( aclpb->aclpb_authorization_sdn, ndn );
else
slapi_sdn_set_ndn_byval ( aclpb->aclpb_authorization_sdn, "" );
@@ -716,7 +716,7 @@ acl_init_aclpb ( Slapi_PBlock *pb , Acl_PBlock *aclpb, const char *dn, int copy_
slapi_pblock_get ( pb, SLAPI_CONN_CERT, &aclpb->aclpb_clientcert );
/* See if the we have already a cached info about user's group */
- aclg_init_userGroup ( aclpb, dn, 0 /* get lock */ );
+ aclg_init_userGroup ( aclpb, ndn, 0 /* get lock */ );
slapi_pblock_get( pb, SLAPI_BE_MAXNESTLEVEL, &aclpb->aclpb_max_nesting_level );
slapi_pblock_get( pb, SLAPI_SEARCH_SIZELIMIT, &aclpb->aclpb_max_member_sizelimit );
diff --git a/ldap/servers/plugins/acl/acleffectiverights.c b/ldap/servers/plugins/acl/acleffectiverights.c
index b596c8f..3d1f754 100644
--- a/ldap/servers/plugins/acl/acleffectiverights.c
+++ b/ldap/servers/plugins/acl/acleffectiverights.c
@@ -197,7 +197,6 @@ _ger_parse_control (
size_t subjectndnlen = 0;
char *orig = NULL;
char *normed = NULL;
- int rc = 0;
if (NULL == subjectndn)
{
@@ -268,22 +267,17 @@ _ger_parse_control (
}
/* memmove is safe for overlapping copy */
- rc = slapi_dn_normalize_ext(orig + 3, 0, &normed, &subjectndnlen);
- if (rc < 0) {
- aclutil_str_append ( errbuf, "get-effective-rights: failed to normalize dn: ");
- aclutil_str_append ( errbuf, orig);
- slapi_log_error (SLAPI_LOG_FATAL, plugin_name, "%s\n", *errbuf );
+ normed = slapi_create_dn_string("%s", orig + 3);
+ if (NULL == normed) {
+ aclutil_str_append (errbuf, "get-effective-rights: failed to normalize dn: ");
+ aclutil_str_append (errbuf, orig);
+ slapi_log_error (SLAPI_LOG_FATAL, plugin_name, "%s\n", *errbuf);
slapi_ch_free_string(&orig);
return LDAP_INVALID_SYNTAX;
}
- if (rc == 0) { /* orig+3 is passed in; not terminated */
- *(normed + subjectndnlen) = '\0';
- *subjectndn = slapi_ch_strdup(normed);
- slapi_ch_free_string(&orig);
- } else {
- slapi_ch_free_string(&orig);
- *subjectndn = normed;
- }
+ slapi_ch_free_string(&orig);
+ *subjectndn = normed;
+ slapi_dn_ignore_case(*subjectndn);
return LDAP_SUCCESS;
}
@@ -839,7 +833,8 @@ _ger_generate_template_entry (
char *object = NULL;
char *superior = NULL;
char *p = NULL;
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
char *dntype = NULL;
int siz = 0;
int len = 0;
@@ -856,8 +851,6 @@ _ger_generate_template_entry (
rc = LDAP_SUCCESS;
goto bailout;
}
- /* get the target dn where the template entry is located */
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
for (i = 0; gerattrs && gerattrs[i]; i++)
{
object = strchr(gerattrs[i], '@');
@@ -907,6 +900,9 @@ _ger_generate_template_entry (
siz += strlen(attrs[i]) + 4 + 20;
}
}
+ /* get the target dn where the template entry is located */
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
if (dn)
{
/* dn: <attr>=<template_name>,<dn>\n\0 */
diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c
index e08c70c..4a82717 100644
--- a/ldap/servers/plugins/acl/acllas.c
+++ b/ldap/servers/plugins/acl/acllas.c
@@ -671,19 +671,17 @@ DS_LASUserDnEval(NSErr_t *errp, char *attr_name, CmpOp_t comparator,
break;
}
if (rc == ACL_ERR) {
- slapi_log_error( SLAPI_LOG_ACL, plugin_name,
- "DS_LASUserDnEval:Error in matching patteren(%s)\n",
- user);
+ slapi_log_error( SLAPI_LOG_ACL, plugin_name,
+ "DS_LASUserDnEval:Error in matching patteren(%s)\n",
+ user);
}
slapi_filter_free(f,1);
} else {
/* Must be a simple dn then */
- char *normed = NULL;
- size_t dnlen = 0;
- rc = slapi_dn_normalize_ext(user, 0, &normed, &dnlen);
- if (rc == 0) { /* user passed in; not terminated */
- *(normed + dnlen) = '\0';
- } else if (rc < 0) { /* normalization failed, user the original */
+ char *normed = slapi_create_dn_string("%s", user);
+ if (NULL == normed) {
+ slapi_log_error( SLAPI_LOG_FATAL, plugin_name,
+ "DS_LASUserDnEval:Error in normalizing dn(%s)\n", user);
normed = user;
}
rc = slapi_utf8casecmp((ACLUCHP)lasinfo.clientDn, (ACLUCHP)normed);
@@ -2375,7 +2373,7 @@ static int
acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
{
struct eval_info *info;
- Slapi_Attr *currAttr, *nextAttr;
+ Slapi_Attr *currAttr, *nextAttr;
char *n_dn = NULL, *attrType;
int n;
int i;
@@ -2383,7 +2381,7 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
info = (struct eval_info *) callback_data;
info->result = ACL_FALSE;
- if (e == NULL) {
+ if (e == NULL) {
return 0;
}
@@ -2397,14 +2395,14 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
Slapi_Value *sval = NULL;
const struct berval *attrVal;
- if ((strcasecmp (attrType, type_member) == 0) ||
- (strcasecmp (attrType, type_uniquemember) == 0 )) {
+ if ((strcasecmp (attrType, type_member) == 0) ||
+ (strcasecmp (attrType, type_uniquemember) == 0 )) {
i = slapi_attr_first_value ( currAttr,&sval );
while ( i != -1 ) {
struct member_info *groupMember = NULL;
attrVal = slapi_value_get_berval ( sval );
- n_dn = slapi_create_dn_string( attrVal->bv_val );
+ n_dn = slapi_create_dn_string( "%s", attrVal->bv_val );
if (NULL == n_dn) {
slapi_log_error( SLAPI_LOG_FATAL, plugin_name,
"acllas__handle_group_entry: Invalid syntax: %s\n",
@@ -3496,7 +3494,6 @@ acllas__client_match_URL (struct acl_pblock *aclpb, char *n_clientdn, char *url
Slapi_Filter *f = NULL;
char *rawdn = NULL;
char *dn = NULL;
- size_t dnlen = 0;
char *p = NULL;
char *normed = NULL;
/* ldap(s)://host:port/suffix?attrs?scope?filter */
@@ -3588,26 +3585,22 @@ acllas__client_match_URL (struct acl_pblock *aclpb, char *n_clientdn, char *url
/* url has scope and/or filter: ldap(s):///suffix?attr?scope?filter */
*p = '\0'; /* null terminate the dn part of rawdn */
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
+ dn = slapi_create_dn_string("%s", rawdn);
+ if (NULL == dn) {
slapi_log_error( SLAPI_LOG_FATAL, plugin_name,
- "acllas__client_match_URL: error normalizing dn [%s] part of URL [%s]\n", rawdn, url);
+ "acllas__client_match_URL: error normalizing dn [%s] part of URL [%s]\n",
+ rawdn, url);
goto done;
- } else if (rc == 0) { /* url is passed in and not terminated with NULL*/
- *(dn + dnlen) = '\0';
}
- /* else - rawdn normalized in place */
+
normed = slapi_ch_smprintf("%s%s%s%s%s",
- (prefix_len==LDAP_URL_prefix_len)?
- LDAP_URL_prefix_core:LDAPS_URL_prefix_core,
- hostport?hostport:"", dn, p?"?":"",p?p+1:"");
+ (prefix_len==LDAP_URL_prefix_len)?
+ LDAP_URL_prefix_core:LDAPS_URL_prefix_core,
+ hostport?hostport:"", dn, p?"?":"",p?p+1:"");
if (p) {
*p = Q; /* put the Q back in rawdn which will un-null terminate the DN part */
}
- if (rc > 0) {
- /* dn was allocated in slapi_dn_normalize_ext */
- slapi_ch_free_string(&dn);
- }
+ slapi_ch_free_string(&dn);
rc = slapi_ldap_url_parse(normed, &ludp, 1, NULL);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, plugin_name,
diff --git a/ldap/servers/plugins/acl/acllist.c b/ldap/servers/plugins/acl/acllist.c
index b95baac..7e5221d 100644
--- a/ldap/servers/plugins/acl/acllist.c
+++ b/ldap/servers/plugins/acl/acllist.c
@@ -597,7 +597,7 @@ static void free_targetattrfilters( Targetattrfilter ***attrFilterArray) {
/* SEARCH */
void
-acllist_init_scan (Slapi_PBlock *pb, int scope, char *base)
+acllist_init_scan (Slapi_PBlock *pb, int scope, const char *base)
{
Acl_PBlock *aclpb;
int i;
@@ -625,7 +625,7 @@ acllist_init_scan (Slapi_PBlock *pb, int scope, char *base)
/* If base is NULL - it means we are going to go thru all the ACLs
* This is needed when we do anonymous profile generation.
- */
+ */
if ( NULL == base ) {
return;
}
@@ -638,22 +638,28 @@ acllist_init_scan (Slapi_PBlock *pb, int scope, char *base)
index = 0;
aclpb->aclpb_search_base = slapi_ch_strdup ( base );
- while (basedn ) {
+ while (basedn) {
char *tmp = NULL;
- slapi_sdn_set_ndn_byref ( aclpb->aclpb_aclContainer->acic_sdn, basedn );
+ slapi_sdn_set_normdn_byref(aclpb->aclpb_aclContainer->acic_sdn, basedn);
- root = (AciContainer *) avl_find( acllistRoot,
- (caddr_t) aclpb->aclpb_aclContainer,
- (IFP) __acllist_aciContainer_node_cmp);
+ root = (AciContainer *) avl_find(acllistRoot,
+ (caddr_t) aclpb->aclpb_aclContainer,
+ (IFP) __acllist_aciContainer_node_cmp);
if ( index >= ACLPB_MAX_SELECTED_ACLS -2 ) {
aclpb->aclpb_handles_index[0] = -1;
slapi_ch_free ( (void **) &basedn);
break;
- } else if ( NULL != root ) {
+ } else if ( NULL != root ) {
aclpb->aclpb_base_handles_index[index++] = root->acic_index;
aclpb->aclpb_base_handles_index[index] = -1;
- }
+ } else if ( NULL == root ) {
+ /* slapi_dn_parent returns the "parent" dn syntactically.
+ * Most likely, basedn is above suffix (e.g., dn=com).
+ * Thus, no need to make it FATAL. */
+ slapi_log_error ( SLAPI_LOG_ACL, plugin_name,
+ "Failed to find root for base: %s \n", basedn );
+ }
tmp = slapi_dn_parent ( basedn );
slapi_ch_free ( (void **) &basedn);
basedn = tmp;
@@ -679,11 +685,12 @@ acllist_init_scan (Slapi_PBlock *pb, int scope, char *base)
* the given operation.
*/
+/* edn is normalized & case-ignored */
void
acllist_aciscan_update_scan ( Acl_PBlock *aclpb, char *edn )
{
- int i, index = 0;
+ int index = 0;
char *basedn = NULL;
AciContainer *root;
int is_not_search_base = 1;
@@ -700,15 +707,13 @@ acllist_aciscan_update_scan ( Acl_PBlock *aclpb, char *edn )
* This stuff is only used if it's a search operation.
*/
if ( aclpb->aclpb_search_base ) {
- while ( aclpb->aclpb_base_handles_index[index] != -1 &&
- index < ACLPB_MAX_SELECTED_ACLS -2 ) {
- aclpb->aclpb_handles_index[index] =
- aclpb->aclpb_base_handles_index[index];
- index++;
- }
if ( strcasecmp ( edn, aclpb->aclpb_search_base) == 0) {
is_not_search_base = 0;
}
+ for (index = 0; (aclpb->aclpb_base_handles_index[index] != -1) &&
+ (index < ACLPB_MAX_SELECTED_ACLS - 2); index++) ;
+ memcpy(aclpb->aclpb_handles_index, aclpb->aclpb_base_handles_index,
+ sizeof(*aclpb->aclpb_handles_index) * index);
}
aclpb->aclpb_handles_index[index] = -1;
@@ -760,11 +765,6 @@ acllist_aciscan_update_scan ( Acl_PBlock *aclpb, char *edn )
}
acllist_done_aciContainer ( aclpb->aclpb_aclContainer );
- i = 0;
- while ( i < ACLPB_MAX_SELECTED_ACLS && aclpb->aclpb_handles_index[i] != -1 ) {
- i++;
- }
-
}
aci_t *
@@ -889,6 +889,7 @@ acllist_acicache_WRITE_LOCK( )
}
/* This routine must be called with the acicache write lock taken */
+/* newdn is normalized & case-ignored */
int
acllist_moddn_aci_needsLock ( Slapi_DN *oldsdn, char *newdn )
{
diff --git a/ldap/servers/plugins/acl/aclparse.c b/ldap/servers/plugins/acl/aclparse.c
index a137db9..15b373b 100644
--- a/ldap/servers/plugins/acl/aclparse.c
+++ b/ldap/servers/plugins/acl/aclparse.c
@@ -533,8 +533,7 @@ __aclp__copy_normalized_str (char *src, char *endsrc, char *start,
{
char *p = NULL;
int rc = -1;
- char *dn = NULL;
- size_t dnlen = 0;
+ const char *dn = NULL;
p = PL_strnstr(src, LDAP_URL_prefix, endsrc - src);
if (p) {
@@ -553,6 +552,8 @@ __aclp__copy_normalized_str (char *src, char *endsrc, char *start,
rc = 0;
if (p && strlen(p) > 0) {
size_t len = 0;
+ Slapi_DN sdn;
+ char bak;
/* strip the string starting from ? */
char *q = PL_strnchr(p, '?', endsrc - p);
if (q) {
@@ -560,18 +561,17 @@ __aclp__copy_normalized_str (char *src, char *endsrc, char *start,
} else {
len = endsrc - p;
}
+ bak = *(p + len);
+ *(p + len) = '\0';
/* Normalize the value of userdn and append it to ret_str */
- rc = slapi_dn_normalize_ext(p, len, &dn, &dnlen);
- if (rc < 0) {
- return rc;
- }
+ slapi_sdn_init_dn_byref(&sdn, p);
+ dn = slapi_sdn_get_dn(&sdn);
/* append up to ldap(s):/// */
aclutil_str_append_ext(dest, destlen, start, p - start);
/* append the DN part */
- aclutil_str_append_ext(dest, destlen, dn, dnlen);
- if (rc > 0) { /* if rc == 0, p is passed in */
- slapi_ch_free_string(&dn);
- }
+ aclutil_str_append_ext(dest, destlen, dn, strlen(dn));
+ slapi_sdn_done(&sdn);
+ *(p + len) = bak;
if (q) {
/* append the rest from '?' */
aclutil_str_append_ext(dest, destlen, q, endsrc - q);
diff --git a/ldap/servers/plugins/acl/aclplugin.c b/ldap/servers/plugins/acl/aclplugin.c
index 66ef707..ecd1e11 100644
--- a/ldap/servers/plugins/acl/aclplugin.c
+++ b/ldap/servers/plugins/acl/aclplugin.c
@@ -135,7 +135,8 @@ static int
aclplugin_preop_search ( Slapi_PBlock *pb )
{
int scope;
- char *base = NULL;
+ const char *base = NULL;
+ Slapi_DN *sdn = NULL;
int optype;
int isRoot;
int rc = 0;
@@ -151,7 +152,8 @@ aclplugin_preop_search ( Slapi_PBlock *pb )
return rc;
}
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &sdn );
+ base = slapi_sdn_get_dn(sdn);
/* For anonymous client doing search nothing needs to be set up */
if ( optype == SLAPI_OPERATION_SEARCH && aclanom_is_client_anonymous ( pb ) &&
! slapi_dn_issuffix( base, "cn=monitor") ) {
@@ -244,7 +246,7 @@ aclplugin_preop_common( Slapi_PBlock *pb )
slapi_log_error( SLAPI_LOG_ACL, plugin_name,
"proxied authorization dn is (%s)\n", proxy_dn );
acl_init_aclpb ( pb, aclpb, proxy_dn, 1 );
- aclpb = acl_new_proxy_aclpb (pb );
+ aclpb = acl_new_proxy_aclpb ( pb );
acl_init_aclpb ( pb, aclpb, dn, 0 );
slapi_ch_free ( (void **) &proxy_dn );
diff --git a/ldap/servers/plugins/automember/automember.c b/ldap/servers/plugins/automember/automember.c
index 2e1d496..89ed1da 100644
--- a/ldap/servers/plugins/automember/automember.c
+++ b/ldap/servers/plugins/automember/automember.c
@@ -92,10 +92,10 @@ static void automember_free_config_entry(struct configEntry ** entry);
/*
* helpers
*/
-static char *automember_get_dn(Slapi_PBlock * pb);
+static Slapi_DN *automember_get_sdn(Slapi_PBlock *pb);
static Slapi_DN *automember_get_config_area();
static void automember_set_config_area(Slapi_DN *sdn);
-static int automember_dn_is_config(char *dn);
+static int automember_dn_is_config(Slapi_DN *sdn);
static int automember_oktodo(Slapi_PBlock *pb);
static int automember_isrepl(Slapi_PBlock *pb);
static void automember_parse_regex_entry(struct configEntry *config, Slapi_Entry *e);
@@ -275,7 +275,7 @@ automember_postop_init(Slapi_PBlock *pb)
static int
automember_start(Slapi_PBlock * pb)
{
- char *plugindn = NULL;
+ Slapi_DN *plugindn = NULL;
char *config_area = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
@@ -298,14 +298,14 @@ automember_start(Slapi_PBlock * pb)
/*
* Get the plug-in target dn from the system
* and store it for future use. */
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &plugindn);
- if (NULL == plugindn || 0 == strlen(plugindn)) {
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &plugindn);
+ if (NULL == plugindn || 0 == slapi_sdn_get_ndn_len(plugindn)) {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"automember_start: unable to retrieve plugin dn\n");
return -1;
}
- automember_set_plugin_sdn(slapi_sdn_new_dn_byref(plugindn));
+ automember_set_plugin_sdn(slapi_sdn_dup(plugindn));
/* Set the alternate config area if one is defined. */
slapi_pblock_get(pb, SLAPI_PLUGIN_CONFIG_AREA, &config_area);
@@ -804,28 +804,19 @@ automember_delete_config()
return;
}
-
-/*
- * Helper functions
- */
-static char *
-automember_get_dn(Slapi_PBlock * pb)
+static Slapi_DN *
+automember_get_sdn(Slapi_PBlock * pb)
{
- char *dn = 0;
+ Slapi_DN *sdn = 0;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
- "--> automember_get_dn\n");
+ "--> automember_get_sdn\n");
- if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn)) {
- slapi_log_error(SLAPI_LOG_FATAL, AUTOMEMBER_PLUGIN_SUBSYSTEM,
- "automember_get_dn: failed to get dn of changed entry");
- goto bail;
- }
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
- bail:
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
- "<-- automember_get_dn\n");
+ "<-- automember_get_sdn\n");
- return dn;
+ return sdn;
}
void
@@ -846,20 +837,17 @@ automember_get_config_area()
* Checks if dn is an auto membership config entry.
*/
static int
-automember_dn_is_config(char *dn)
+automember_dn_is_config(Slapi_DN *sdn)
{
int ret = 0;
- Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"--> automember_dn_is_config\n");
- if (dn == NULL) {
+ if (sdn == NULL) {
goto bail;
}
- sdn = slapi_sdn_new_dn_byref(dn);
-
/* If an alternate config area is configured, treat it's child
* entries as config entries. If the alternate config area is
* not configured, treat children of the top-level plug-in
@@ -877,7 +865,6 @@ automember_dn_is_config(char *dn)
}
bail:
- slapi_sdn_free(&sdn);
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"<-- automember_dn_is_config\n");
@@ -1579,7 +1566,7 @@ automember_add_member_value(Slapi_Entry *member_e, const char *group_dn,
static int
automember_pre_op(Slapi_PBlock * pb, int modop)
{
- char *dn = 0;
+ Slapi_DN *sdn = 0;
Slapi_Entry *e = 0;
Slapi_Mods *smods = 0;
LDAPMod **mods;
@@ -1594,10 +1581,10 @@ automember_pre_op(Slapi_PBlock * pb, int modop)
if (!g_plugin_started)
goto bail;
- if (0 == (dn = automember_get_dn(pb)))
+ if (0 == (sdn = automember_get_sdn(pb)))
goto bail;
- if (automember_dn_is_config(dn)) {
+ if (automember_dn_is_config(sdn)) {
/* Validate config changes, but don't apply them.
* This allows us to reject invalid config changes
* here at the pre-op stage. Applying the config
@@ -1609,10 +1596,8 @@ automember_pre_op(Slapi_PBlock * pb, int modop)
} else if (LDAP_CHANGETYPE_MODIFY == modop) {
/* Fetch the entry being modified so we can
* create the resulting entry for validation. */
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
- if (tmp_dn) {
- slapi_search_internal_get_entry(tmp_dn, 0, &e, automember_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
+ if (sdn) {
+ slapi_search_internal_get_entry(sdn, 0, &e, automember_get_plugin_id());
free_entry = 1;
}
@@ -1692,7 +1677,7 @@ automember_mod_pre_op(Slapi_PBlock * pb)
static int
automember_mod_post_op(Slapi_PBlock *pb)
{
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"--> automember_mod_post_op\n");
@@ -1702,9 +1687,9 @@ automember_mod_post_op(Slapi_PBlock *pb)
goto bail;
}
- if (automember_oktodo(pb) && (dn = automember_get_dn(pb))) {
+ if (automember_oktodo(pb) && (sdn = automember_get_sdn(pb))) {
/* Check if the config is being modified and reload if so. */
- if (automember_dn_is_config(dn)) {
+ if (automember_dn_is_config(sdn)) {
automember_load_config();
}
}
@@ -1720,7 +1705,7 @@ static int
automember_add_post_op(Slapi_PBlock *pb)
{
Slapi_Entry *e = NULL;
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
struct configEntry *config = NULL;
PRCList *list = NULL;
@@ -1732,14 +1717,15 @@ automember_add_post_op(Slapi_PBlock *pb)
return 0;
/* Reload config if a config entry was added. */
- if ((dn = automember_get_dn(pb))) {
- if (automember_dn_is_config(dn)) {
+ if ((sdn = automember_get_sdn(pb))) {
+ if (automember_dn_is_config(sdn)) {
automember_load_config();
}
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"automember_add_post_op: Error "
"retrieving dn\n");
+ goto bail;
}
/* If replication, just bail. */
@@ -1777,7 +1763,7 @@ automember_add_post_op(Slapi_PBlock *pb)
config = (struct configEntry *)list;
/* Does the entry meet scope and filter requirements? */
- if (slapi_dn_issuffix(dn, config->scope) &&
+ if (slapi_dn_issuffix(slapi_sdn_get_dn(sdn), config->scope) &&
(slapi_filter_test_simple(e, config->filter) == 0)) {
/* Find out what membership changes are needed and make them. */
automember_update_membership(config, e);
@@ -1791,9 +1777,9 @@ automember_add_post_op(Slapi_PBlock *pb)
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"automember_add_post_op: Error "
- "retrieving post-op entry %s\n", dn);
+ "retrieving post-op entry %s\n", slapi_sdn_get_dn(sdn));
}
-
+bail:
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"<-- automember_add_post_op\n");
@@ -1808,7 +1794,7 @@ automember_add_post_op(Slapi_PBlock *pb)
static int
automember_del_post_op(Slapi_PBlock *pb)
{
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"--> automember_del_post_op\n");
@@ -1819,8 +1805,8 @@ automember_del_post_op(Slapi_PBlock *pb)
}
/* Reload config if a config entry was deleted. */
- if ((dn = automember_get_dn(pb))) {
- if (automember_dn_is_config(dn))
+ if ((sdn = automember_get_sdn(pb))) {
+ if (automember_dn_is_config(sdn))
automember_load_config();
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
@@ -1843,8 +1829,8 @@ automember_del_post_op(Slapi_PBlock *pb)
static int
automember_modrdn_post_op(Slapi_PBlock *pb)
{
- char *old_dn = NULL;
- char *new_dn = NULL;
+ Slapi_DN *old_sdn = NULL;
+ Slapi_DN *new_sdn = NULL;
Slapi_Entry *post_e = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
@@ -1859,7 +1845,7 @@ automember_modrdn_post_op(Slapi_PBlock *pb)
* config entries. */
slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &post_e);
if (post_e) {
- new_dn = slapi_entry_get_ndn(post_e);
+ new_sdn = slapi_entry_get_sdn(post_e);
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"automember_modrdn_post_op: Error "
@@ -1867,8 +1853,8 @@ automember_modrdn_post_op(Slapi_PBlock *pb)
return 0;
}
- if ((old_dn = automember_get_dn(pb))) {
- if (automember_dn_is_config(old_dn) || automember_dn_is_config(new_dn))
+ if ((old_sdn = automember_get_sdn(pb))) {
+ if (automember_dn_is_config(old_sdn) || automember_dn_is_config(new_sdn))
automember_load_config();
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
diff --git a/ldap/servers/plugins/chainingdb/cb_add.c b/ldap/servers/plugins/chainingdb/cb_add.c
index 501865a..116ac92 100644
--- a/ldap/servers/plugins/chainingdb/cb_add.c
+++ b/ldap/servers/plugins/chainingdb/cb_add.c
@@ -65,41 +65,44 @@ chaining_back_add ( Slapi_PBlock *pb )
char **referrals=NULL;
LDAPMod ** mods;
LDAPMessage * res;
- char *dn,* matched_msg, *error_msg;
+ char * matched_msg, *error_msg;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
char *cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn *cnx;
if ( (rc=cb_forward_operation(pb)) != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, "Remote data access disabled", 0, NULL );
+ cb_send_ldap_result( pb, rc, NULL, "Remote data access disabled", 0, NULL );
return -1;
}
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
/* Update monitor info */
cb_update_monitor_info(pb,cb,SLAPI_OPERATION_ADD);
/* Check wether the chaining BE is available or not */
- if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
+ if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
return -1;
- }
+ }
+ slapi_pblock_get( pb, SLAPI_ADD_TARGET_SDN, &sdn );
+ slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &e );
- slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn );
- slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &e );
+ dn = slapi_sdn_get_dn(sdn);
/* Check local access controls */
if (cb->local_acl && !cb->associated_be_is_disabled) {
char * errbuf=NULL;
- rc = cb_access_allowed (pb, e, NULL, NULL, SLAPI_ACL_ADD, &errbuf);
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
- slapi_ch_free((void **)&errbuf);
+ rc = cb_access_allowed (pb, e, NULL, NULL, SLAPI_ACL_ADD, &errbuf);
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ slapi_ch_free((void **)&errbuf);
return -1;
}
- }
+ }
/* Build LDAPMod from the SLapi_Entry */
cb_eliminate_illegal_attributes(cb,e);
diff --git a/ldap/servers/plugins/chainingdb/cb_bind.c b/ldap/servers/plugins/chainingdb/cb_bind.c
index 0d46b7a..edc45f3 100644
--- a/ldap/servers/plugins/chainingdb/cb_bind.c
+++ b/ldap/servers/plugins/chainingdb/cb_bind.c
@@ -47,10 +47,11 @@ cb_free_bervals( struct berval **bvs );
static int
-cb_sasl_bind_once_s( cb_conn_pool *pool, char *dn, int method, char * mechanism,
- struct berval *creds, LDAPControl **reqctrls,
- char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
- LDAPControl ***resctrlsp , int * status);
+cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, int method,
+ char * mechanism, struct berval *creds,
+ LDAPControl **reqctrls, char **matcheddnp,
+ char **errmsgp, struct berval ***refurlsp,
+ LDAPControl ***resctrlsp , int * status);
/*
* Attempt to chain a bind request off to "srvr." We return an LDAP error
@@ -67,17 +68,18 @@ cb_sasl_bind_once_s( cb_conn_pool *pool, char *dn, int method, char * mechanism,
static int
cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries,
- char *dn, int method,char * mechanism, struct berval *creds, LDAPControl **reqctrls,
- char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
- LDAPControl ***resctrlsp ,int *status) {
-
+ const char *dn, int method,char * mechanism,
+ struct berval *creds, LDAPControl **reqctrls,
+ char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
+ LDAPControl ***resctrlsp ,int *status)
+{
int rc;
do {
/* check to see if operation has been abandoned...*/
- if (LDAP_AUTH_SIMPLE!=method)
- return LDAP_AUTH_METHOD_NOT_SUPPORTED;
+ if (LDAP_AUTH_SIMPLE!=method)
+ return LDAP_AUTH_METHOD_NOT_SUPPORTED;
if ( slapi_op_abandoned( pb )) {
rc = LDAP_USER_CANCELLED;
@@ -91,10 +93,11 @@ cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries,
}
static int
-cb_sasl_bind_once_s( cb_conn_pool *pool, char *dn, int method, char * mechanism,
- struct berval *creds, LDAPControl **reqctrls,
- char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
- LDAPControl ***resctrlsp , int * status )
+cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, int method,
+ char * mechanism, struct berval *creds,
+ LDAPControl **reqctrls, char **matcheddnp,
+ char **errmsgp, struct berval ***refurlsp,
+ LDAPControl ***resctrlsp , int * status )
{
int rc, msgid;
char **referrals;
@@ -225,18 +228,20 @@ release_and_return:
}
int
-chainingdb_bind( Slapi_PBlock *pb ) {
+chainingdb_bind( Slapi_PBlock *pb )
+{
int status=LDAP_SUCCESS;
int allocated_errmsg;
int rc=LDAP_SUCCESS;
cb_backend_instance *cb;
Slapi_Backend *be;
- char *dn;
- int method;
- struct berval *creds, **urls;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ int method;
+ struct berval *creds, **urls;
char *matcheddn,*errmsg;
- LDAPControl **reqctrls, **resctrls, **ctrls;
+ LDAPControl **reqctrls, **resctrls, **ctrls;
char * mechanism;
int freectrls=1;
int bind_retry;
@@ -258,16 +263,18 @@ chainingdb_bind( Slapi_PBlock *pb ) {
if (ctrls)
ldap_controls_free(ctrls);
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &dn );
- slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &sdn );
+ slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method );
slapi_pblock_get( pb, SLAPI_BIND_SASLMECHANISM, &mechanism);
- slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds );
- slapi_pblock_get( pb, SLAPI_REQCONTROLS, &reqctrls );
- cb = cb_get_instance(be);
+ slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds );
+ slapi_pblock_get( pb, SLAPI_REQCONTROLS, &reqctrls );
+ cb = cb_get_instance(be);
- if ( NULL == dn )
- dn="";
+ if ( NULL == sdn ) {
+ sdn = slapi_sdn_new_ndn_byval("");
+ }
+ dn = slapi_sdn_get_ndn(sdn);
/* always allow noauth simple binds */
if (( method == LDAP_AUTH_SIMPLE) && creds->bv_len == 0 ) {
diff --git a/ldap/servers/plugins/chainingdb/cb_compare.c b/ldap/servers/plugins/chainingdb/cb_compare.c
index ccbc175..16f6c7b 100644
--- a/ldap/servers/plugins/chainingdb/cb_compare.c
+++ b/ldap/servers/plugins/chainingdb/cb_compare.c
@@ -63,29 +63,33 @@ chaining_back_compare ( Slapi_PBlock *pb )
LDAP *ld=NULL;
char **referrals=NULL;
LDAPMessage * res;
- char *type,*dn,* matched_msg, *error_msg;
+ char *type, *matched_msg, *error_msg;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
char *cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn *cnx;
- if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
- cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
- return -1;
- }
+ if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
+ cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
- cb_update_monitor_info(pb,cb,SLAPI_OPERATION_COMPARE);
+ cb_update_monitor_info(pb,cb,SLAPI_OPERATION_COMPARE);
/* Check wether the chaining BE is available or not */
- if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
- return -1;
- }
+ if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
+ return -1;
+ }
+
+ slapi_pblock_get( pb, SLAPI_COMPARE_TARGET_SDN, &sdn );
+ slapi_pblock_get( pb, SLAPI_COMPARE_TYPE, &type );
+ slapi_pblock_get( pb, SLAPI_COMPARE_VALUE, &bval );
- slapi_pblock_get( pb, SLAPI_COMPARE_TARGET, &dn );
- slapi_pblock_get( pb, SLAPI_COMPARE_TYPE, &type );
- slapi_pblock_get( pb, SLAPI_COMPARE_VALUE, &bval );
+ dn = slapi_sdn_get_dn(sdn);
/*
* Check local acls
@@ -96,17 +100,17 @@ chaining_back_compare ( Slapi_PBlock *pb )
if (checkacl) {
char * errbuf=NULL;
- Slapi_Entry *te = slapi_entry_alloc();
- slapi_entry_set_dn(te,slapi_ch_strdup(dn));
- rc = cb_access_allowed (pb, te, type, bval, SLAPI_ACL_COMPARE,&errbuf);
- slapi_entry_free(te);
+ Slapi_Entry *te = slapi_entry_alloc();
+ slapi_entry_set_sdn(te, sdn); /* sdn: copied */
+ rc = cb_access_allowed (pb, te, type, bval, SLAPI_ACL_COMPARE,&errbuf);
+ slapi_entry_free(te);
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
slapi_ch_free((void **) &errbuf);
return 1;
}
- }
+ }
/*
* Grab a connection handle
diff --git a/ldap/servers/plugins/chainingdb/cb_controls.c b/ldap/servers/plugins/chainingdb/cb_controls.c
index da2d283..f079901 100644
--- a/ldap/servers/plugins/chainingdb/cb_controls.c
+++ b/ldap/servers/plugins/chainingdb/cb_controls.c
@@ -201,9 +201,9 @@ int cb_update_controls( Slapi_PBlock * pb,
char * requestorCopy=NULL;
rootdn=cb_get_rootdn();
- slapi_pblock_get( pb, SLAPI_REQUESTOR_DN, &requestor );
- requestorCopy=slapi_ch_strdup(requestor);
- slapi_dn_normalize_case(requestorCopy);
+ slapi_pblock_get( pb, SLAPI_REQUESTOR_NDN, &requestor );
+ requestorCopy = slapi_ch_strdup(requestor);
+ slapi_dn_ignore_case(requestorCopy);
if (!strcmp( requestorCopy, rootdn )) { /* UTF8- aware */
slapi_log_error( SLAPI_LOG_PLUGIN,CB_PLUGIN_SUBSYSTEM,
diff --git a/ldap/servers/plugins/chainingdb/cb_delete.c b/ldap/servers/plugins/chainingdb/cb_delete.c
index 992f606..87a69a2 100644
--- a/ldap/servers/plugins/chainingdb/cb_delete.c
+++ b/ldap/servers/plugins/chainingdb/cb_delete.c
@@ -62,27 +62,30 @@ chaining_back_delete ( Slapi_PBlock *pb )
LDAP *ld=NULL;
char **referrals=NULL;
LDAPMessage * res;
- char *dn,* matched_msg, *error_msg;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ char *matched_msg, *error_msg;
char *cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn *cnx;
- if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
- cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
- return -1;
- }
+ if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
+ cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
- cb_update_monitor_info(pb,cb,SLAPI_OPERATION_DELETE);
+ cb_update_monitor_info(pb,cb,SLAPI_OPERATION_DELETE);
/* Check wether the chaining BE is available or not */
- if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
- return -1;
- }
+ if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_DELETE_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
/*
* Check local acls
@@ -90,17 +93,17 @@ chaining_back_delete ( Slapi_PBlock *pb )
if (cb->local_acl && !cb->associated_be_is_disabled) {
char * errbuf=NULL;
- Slapi_Entry *te = slapi_entry_alloc();
- slapi_entry_set_dn(te,slapi_ch_strdup(dn));
- rc = cb_access_allowed (pb, te, NULL, NULL, SLAPI_ACL_DELETE,&errbuf);
- slapi_entry_free(te);
+ Slapi_Entry *te = slapi_entry_alloc();
+ slapi_entry_set_sdn(te, sdn); /* sdn: copied */
+ rc = cb_access_allowed (pb, te, NULL, NULL, SLAPI_ACL_DELETE,&errbuf);
+ slapi_entry_free(te);
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
- slapi_ch_free((void **)&errbuf);
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ slapi_ch_free((void **)&errbuf);
return -1;
}
- }
+ }
/*
* Grab a connection handle
diff --git a/ldap/servers/plugins/chainingdb/cb_instance.c b/ldap/servers/plugins/chainingdb/cb_instance.c
index 145d5a3..9a33916 100644
--- a/ldap/servers/plugins/chainingdb/cb_instance.c
+++ b/ldap/servers/plugins/chainingdb/cb_instance.c
@@ -850,9 +850,9 @@ static int cb_instance_binduser_set(void *arg, void *value, char *errorbuf, int
if (apply) {
- slapi_rwlock_wrlock(inst->rwl_config_lock);
+ slapi_rwlock_wrlock(inst->rwl_config_lock);
if (( phase != CB_CONFIG_PHASE_INITIALIZATION ) &&
- ( phase != CB_CONFIG_PHASE_STARTUP )) {
+ ( phase != CB_CONFIG_PHASE_STARTUP )) {
/* Dynamic modif */
/* Free user later */
@@ -862,10 +862,11 @@ static int cb_instance_binduser_set(void *arg, void *value, char *errorbuf, int
rc=CB_REOPEN_CONN;
}
- inst->pool->binddn=slapi_ch_strdup((char *) value);
+ /* normalize and ignore the case */
+ inst->pool->binddn = slapi_create_dn_string_case("%s", (char *)value);
+ /* not normalized */
inst->pool->binddn2=slapi_ch_strdup((char *) value);
- slapi_dn_normalize_case(inst->pool->binddn);
- slapi_rwlock_unlock(inst->rwl_config_lock);
+ slapi_rwlock_unlock(inst->rwl_config_lock);
} else {
/* Security check */
@@ -877,19 +878,18 @@ static int cb_instance_binduser_set(void *arg, void *value, char *errorbuf, int
char * theValueCopy = NULL;
if (value) {
- theValueCopy=slapi_ch_strdup((char *) value);
- slapi_dn_normalize_case(theValueCopy);
+ theValueCopy = slapi_create_dn_string_case("%s", (char *) value);
}
slapi_rwlock_rdlock(inst->rwl_config_lock);
- if (inst->impersonate && theValueCopy &&
- !strcmp(theValueCopy,rootdn)) { /* UTF8-aware. See cb_get_dn() */
- rc=LDAP_UNWILLING_TO_PERFORM;
+ if (inst->impersonate && theValueCopy &&
+ !strcmp(theValueCopy,rootdn)) { /* UTF8-aware. See cb_get_dn() */
+ rc=LDAP_UNWILLING_TO_PERFORM;
if (errorbuf) {
PR_snprintf(errorbuf,SLAPI_DSE_RETURNTEXT_SIZE, "value %s not allowed",rootdn);
}
- }
- slapi_rwlock_unlock(inst->rwl_config_lock);
+ }
+ slapi_rwlock_unlock(inst->rwl_config_lock);
slapi_ch_free((void **)&theValueCopy);
slapi_ch_free((void **)&rootdn);
diff --git a/ldap/servers/plugins/chainingdb/cb_modify.c b/ldap/servers/plugins/chainingdb/cb_modify.c
index fcfb310..aa914b9 100644
--- a/ldap/servers/plugins/chainingdb/cb_modify.c
+++ b/ldap/servers/plugins/chainingdb/cb_modify.c
@@ -65,51 +65,54 @@ chaining_back_modify ( Slapi_PBlock *pb )
char **referrals=NULL;
LDAPMod ** mods;
LDAPMessage * res;
- char *dn,* matched_msg, *error_msg;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ char *matched_msg, *error_msg;
char *cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn *cnx;
- if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
- cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
- return -1;
- }
+ if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
+ cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
- cb_update_monitor_info(pb,cb,SLAPI_OPERATION_MODIFY);
+ cb_update_monitor_info(pb,cb,SLAPI_OPERATION_MODIFY);
/* Check wether the chaining BE is available or not */
- if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
- return -1;
- }
+ if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_MODIFY_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_MODIFY_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
if (cb_debug_on()) {
- slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM,"modify: target:<%s>\n",dn);
+ slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM,"modify: target:<%s>\n",dn);
}
ctrls=serverctrls=NULL;
- slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods );
- slapi_pblock_get( pb, SLAPI_REQCONTROLS, &ctrls );
+ slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods );
+ slapi_pblock_get( pb, SLAPI_REQCONTROLS, &ctrls );
/* Check acls */
if ( cb->local_acl && !cb->associated_be_is_disabled ) {
- char * errbuf=NULL;
- Slapi_Entry *te = slapi_entry_alloc();
- slapi_entry_set_dn(te,slapi_ch_strdup(dn));
- rc = slapi_acl_check_mods( pb, te, mods, &errbuf);
- slapi_entry_free(te);
-
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
- slapi_ch_free((void **)&errbuf);
- return -1;
- }
+ char * errbuf=NULL;
+ Slapi_Entry *te = slapi_entry_alloc();
+ slapi_entry_set_sdn(te, sdn); /* sdn: copied */
+ rc = slapi_acl_check_mods( pb, te, mods, &errbuf);
+ slapi_entry_free(te);
+
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ slapi_ch_free((void **)&errbuf);
+ return -1;
+ }
}
diff --git a/ldap/servers/plugins/chainingdb/cb_modrdn.c b/ldap/servers/plugins/chainingdb/cb_modrdn.c
index 2efff02..b6b882b 100644
--- a/ldap/servers/plugins/chainingdb/cb_modrdn.c
+++ b/ldap/servers/plugins/chainingdb/cb_modrdn.c
@@ -54,20 +54,25 @@
int
chaining_back_modrdn ( Slapi_PBlock *pb )
{
-
- Slapi_Backend * be;
- cb_backend_instance *cb;
- LDAPControl **ctrls, **serverctrls;
- int rc,parse_rc,msgid,i;
- LDAP *ld=NULL;
- char **referrals=NULL;
- LDAPMessage * res;
- char * matched_msg, *error_msg,* pdn, *newdn, *dn;
- int deleteoldrdn=0;
- char * newsuperior, *newrdn;
- char * cnxerrbuf=NULL;
- time_t endtime;
- cb_outgoing_conn * cnx;
+ Slapi_Backend * be;
+ cb_backend_instance *cb;
+ LDAPControl **ctrls, **serverctrls;
+ int rc,parse_rc,msgid,i;
+ LDAP *ld=NULL;
+ char **referrals=NULL;
+ LDAPMessage *res;
+ char *matched_msg, *error_msg;
+ char *newdn = NULL;
+ const char *pdn = NULL;
+ char *ndn = NULL;
+ Slapi_DN *sdn = NULL;
+ Slapi_DN *psdn = NULL;
+ int deleteoldrdn = 0;
+ Slapi_DN *newsuperior = NULL;
+ char *newrdn = NULL;
+ char * cnxerrbuf=NULL;
+ time_t endtime;
+ cb_outgoing_conn *cnx;
if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
@@ -75,38 +80,36 @@ chaining_back_modrdn ( Slapi_PBlock *pb )
}
slapi_pblock_get( pb, SLAPI_BACKEND, &be );
- cb = cb_get_instance(be);
+ cb = cb_get_instance(be);
cb_update_monitor_info(pb,cb,SLAPI_OPERATION_MODRDN);
- /* Check wether the chaining BE is available or not */
+ /* Check wether the chaining BE is available or not */
if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
return -1;
}
- newsuperior=newdn=newrdn=dn=NULL;
- slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_MODRDN_TARGET_SDN, &sdn );
slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
- slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior );
+ slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior );
slapi_pblock_get( pb, SLAPI_MODRDN_DELOLDRDN, &deleteoldrdn );
- /*
- * Construct the new dn
- */
+ ndn = (char *)slapi_sdn_get_ndn(sdn);
- dn = slapi_dn_normalize_case(dn);
- if ( (pdn = slapi_dn_parent( dn )) != NULL ) {
- /* parent + rdn + separator(s) + null */
- newdn = (char *) slapi_ch_malloc( strlen( pdn ) + strlen( newrdn ) + 3 );
- strcpy( newdn, newrdn );
- strcat( newdn, "," );
- strcat( newdn, pdn );
-
- slapi_ch_free((void **)&pdn );
+ /*
+ * Construct the new dn
+ */
+ psdn = slapi_sdn_new();
+ slapi_sdn_get_parent(sdn, psdn);
+ pdn = slapi_sdn_get_ndn(psdn);
+ if ( pdn ) {
+ /* parent + rdn + separator(s) + null */
+ newdn = slapi_ch_smprintf("%s,%s", newrdn, pdn);
} else {
- newdn = slapi_ch_strdup( newrdn );
+ newdn = slapi_ch_strdup( newrdn );
}
+ slapi_sdn_free(&psdn);
/*
* Make sure the current backend is managing
@@ -119,19 +122,19 @@ chaining_back_modrdn ( Slapi_PBlock *pb )
if (cb->local_acl && !cb->associated_be_is_disabled) {
/*
- * Check local acls
- * Keep in mind We don't have the entry for acl evaluation
- */
+ * Check local acls
+ * Keep in mind We don't have the entry for acl evaluation
+ */
char * errbuf=NULL;
- Slapi_Entry *te = slapi_entry_alloc();
- slapi_entry_set_dn(te,slapi_ch_strdup(dn));
- rc = cb_access_allowed (pb, te, NULL, NULL, SLAPI_ACL_WRITE,&errbuf);
- slapi_entry_free(te);
-
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
- slapi_ch_free((void **)&errbuf);
+ Slapi_Entry *te = slapi_entry_alloc();
+ slapi_entry_set_sdn(te, sdn); /* sdn: copied */
+ rc = cb_access_allowed (pb, te, NULL, NULL, SLAPI_ACL_WRITE,&errbuf);
+ slapi_entry_free(te);
+
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ slapi_ch_free((void **)&errbuf);
return -1;
}
}
@@ -183,7 +186,8 @@ chaining_back_modrdn ( Slapi_PBlock *pb )
* Send LDAP operation to the remote host
*/
- rc = ldap_rename ( ld,dn,newrdn,newsuperior,deleteoldrdn,ctrls,NULL,&msgid);
+ rc = ldap_rename ( ld, ndn, newrdn, slapi_sdn_get_dn(newsuperior),
+ deleteoldrdn, ctrls, NULL, &msgid );
if ( NULL != ctrls)
ldap_controls_free(ctrls);
diff --git a/ldap/servers/plugins/chainingdb/cb_search.c b/ldap/servers/plugins/chainingdb/cb_search.c
index a16ed4c..92eb2ea 100644
--- a/ldap/servers/plugins/chainingdb/cb_search.c
+++ b/ldap/servers/plugins/chainingdb/cb_search.c
@@ -58,41 +58,45 @@ chainingdb_build_candidate_list ( Slapi_PBlock *pb )
Slapi_Backend * be;
Slapi_Operation * op;
- char *target, *filter;
+ char *filter;
+ const char *target = NULL;
+ Slapi_DN *target_sdn = NULL;
int scope,attrsonly,sizelimit,timelimit,rc,searchreferral;
char **attrs=NULL;
LDAPControl **controls=NULL;
LDAPControl **ctrls=NULL;
- LDAP *ld=NULL;
- cb_backend_instance *cb = NULL;
+ LDAP *ld=NULL;
+ cb_backend_instance *cb = NULL;
cb_searchContext *ctx=NULL;
struct timeval timeout;
time_t optime;
int doit,parse_rc;
- LDAPMessage *res=NULL;
- char *matched_msg,*error_msg;
- LDAPControl **serverctrls=NULL;
- char **referrals=NULL;
+ LDAPMessage *res=NULL;
+ char *matched_msg,*error_msg;
+ LDAPControl **serverctrls=NULL;
+ char **referrals=NULL;
char *cnxerrbuf=NULL;
time_t endbefore=0;
time_t endtime;
cb_outgoing_conn *cnx;
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
- slapi_pblock_get( pb, SLAPI_OPERATION, &op );
- slapi_pblock_get( pb, SLAPI_SEARCH_STRFILTER, &filter );
- slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope );
- slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime );
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &target );
+ slapi_pblock_get( pb, SLAPI_OPERATION, &op );
+ slapi_pblock_get( pb, SLAPI_SEARCH_STRFILTER, &filter );
+ slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope );
+ slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &target_sdn );
- if ( LDAP_SUCCESS != (parse_rc=cb_forward_operation(pb) )) {
+ target = slapi_sdn_get_dn(target_sdn);
+
+ if ( LDAP_SUCCESS != (parse_rc=cb_forward_operation(pb) )) {
/* Don't return errors */
if (cb_debug_on()) {
- slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM,
+ slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM,
"local search: base:<%s> scope:<%s> filter:<%s>\n",target,
scope==LDAP_SCOPE_SUBTREE?"SUBTREE":scope==LDAP_SCOPE_ONELEVEL ? "ONE-LEVEL" : "BASE" , filter);
}
@@ -135,28 +139,28 @@ chainingdb_build_candidate_list ( Slapi_PBlock *pb )
if (( scope != LDAP_SCOPE_BASE ) && ( searchreferral )) {
- int i;
- struct berval bv,*bvals[2];
- Slapi_Entry ** aciArray=(Slapi_Entry **) slapi_ch_malloc(2*sizeof(Slapi_Entry *));
- Slapi_Entry *anEntry = slapi_entry_alloc();
+ int i;
+ struct berval bv,*bvals[2];
+ Slapi_Entry ** aciArray=(Slapi_Entry **) slapi_ch_malloc(2*sizeof(Slapi_Entry *));
+ Slapi_Entry *anEntry = slapi_entry_alloc();
- slapi_entry_set_dn(anEntry,slapi_ch_strdup(target));
+ slapi_entry_set_sdn(anEntry, target_sdn);
- bvals[1]=NULL;
- bvals[0]=&bv;
- bv.bv_val="referral";
+ bvals[1]=NULL;
+ bvals[0]=&bv;
+ bv.bv_val="referral";
bv.bv_len=strlen(bv.bv_val);
- slapi_entry_add_values( anEntry, "objectclass", bvals);
+ slapi_entry_add_values( anEntry, "objectclass", bvals);
- slapi_rwlock_rdlock(cb->rwl_config_lock);
+ slapi_rwlock_rdlock(cb->rwl_config_lock);
for (i=0; cb->url_array && cb->url_array[i]; i++) {
char * anUrl = slapi_ch_smprintf("%s%s",cb->url_array[i],target);
- bv.bv_val=anUrl;
+ bv.bv_val=anUrl;
bv.bv_len=strlen(bv.bv_val);
- slapi_entry_attr_merge( anEntry, "ref", bvals);
+ slapi_entry_attr_merge( anEntry, "ref", bvals);
slapi_ch_free((void **)&anUrl);
}
- slapi_rwlock_unlock(cb->rwl_config_lock);
+ slapi_rwlock_unlock(cb->rwl_config_lock);
aciArray[0]=anEntry;
aciArray[1]=NULL;
@@ -442,12 +446,12 @@ int
chainingdb_next_search_entry ( Slapi_PBlock *pb )
{
- char *target;
+ Slapi_DN *target_sdn = NULL;
int sizelimit, timelimit;
int rc, parse_rc, retcode;
int i, attrsonly;
time_t optime;
- LDAPMessage *res=NULL;
+ LDAPMessage *res=NULL;
char *matched_msg,*error_msg;
cb_searchContext *ctx=NULL;
Slapi_Entry *entry;
@@ -459,13 +463,13 @@ chainingdb_next_search_entry ( Slapi_PBlock *pb )
matched_msg=error_msg=NULL;
- slapi_pblock_get( pb, SLAPI_SEARCH_RESULT_SET, &ctx );
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
- slapi_pblock_get( pb, SLAPI_SEARCH_TIMELIMIT, &timelimit );
- slapi_pblock_get( pb, SLAPI_SEARCH_SIZELIMIT, &sizelimit );
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &target );
- slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime );
- slapi_pblock_get( pb, SLAPI_SEARCH_ATTRSONLY, &attrsonly );
+ slapi_pblock_get( pb, SLAPI_SEARCH_RESULT_SET, &ctx );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TIMELIMIT, &timelimit );
+ slapi_pblock_get( pb, SLAPI_SEARCH_SIZELIMIT, &sizelimit );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &target_sdn );
+ slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime );
+ slapi_pblock_get( pb, SLAPI_SEARCH_ATTRSONLY, &attrsonly );
cb = cb_get_instance(be);
@@ -656,22 +660,22 @@ chainingdb_next_search_entry ( Slapi_PBlock *pb )
case LDAP_RES_SEARCH_REFERENCE:
/* The server sent a search reference encountered during the
- * search operation.
+ * search operation.
*/
/* heart-beat management */
- if (cb->max_idle_time>0)
- endtime=current_time() + cb->max_idle_time;
+ if (cb->max_idle_time>0)
+ endtime=current_time() + cb->max_idle_time;
parse_rc = ldap_parse_reference( ctx->ld, res, &referrals, NULL, 1 );
- if ( parse_rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL,
- ldap_err2string( parse_rc ), 0, NULL);
+ if ( parse_rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL,
+ ldap_err2string( parse_rc ), 0, NULL);
cb_release_op_connection(cb->pool,ctx->ld,CB_LDAP_CONN_ERROR(parse_rc));
slapi_ch_free((void **)&ctx);
- slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_SET,NULL);
- slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY,NULL);
+ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_SET,NULL);
+ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY,NULL);
return -1;
}
@@ -681,27 +685,27 @@ chainingdb_next_search_entry ( Slapi_PBlock *pb )
{
- struct berval bv;
+ struct berval bv;
int i;
- struct berval *bvals[2];
- Slapi_Entry *anEntry = slapi_entry_alloc();
- slapi_entry_set_dn(anEntry,slapi_ch_strdup(target));
+ struct berval *bvals[2];
+ Slapi_Entry *anEntry = slapi_entry_alloc();
+ slapi_entry_set_sdn(anEntry, target_sdn);
- bvals[1]=NULL;
- bvals[0]=&bv;
+ bvals[1]=NULL;
+ bvals[0]=&bv;
- bv.bv_val="referral";
- bv.bv_len=strlen(bv.bv_val);
- slapi_entry_add_values( anEntry, "objectclass", bvals);
+ bv.bv_val="referral";
+ bv.bv_len=strlen(bv.bv_val);
+ slapi_entry_add_values( anEntry, "objectclass", bvals);
for (i=0;referrals[i] != NULL; i++) {
- bv.bv_val=referrals[i];
+ bv.bv_val=referrals[i];
bv.bv_len=strlen(bv.bv_val);
- slapi_entry_add_values( anEntry, "ref", bvals);
+ slapi_entry_add_values( anEntry, "ref", bvals);
}
- slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_SET,ctx);
- slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY,anEntry);
+ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_SET,ctx);
+ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY,anEntry);
cb_set_acl_policy(pb);
}
diff --git a/ldap/servers/plugins/chainingdb/cb_utils.c b/ldap/servers/plugins/chainingdb/cb_utils.c
index 3b0123c..2492226 100644
--- a/ldap/servers/plugins/chainingdb/cb_utils.c
+++ b/ldap/servers/plugins/chainingdb/cb_utils.c
@@ -50,7 +50,7 @@ char * cb_get_rootdn() {
if (ret == NULL)
ret = slapi_ch_strdup(CB_DIRECTORY_MANAGER_DN);
if (ret)
- slapi_dn_normalize_case(ret); /* UTF8-aware */
+ slapi_dn_ignore_case(ret); /* UTF8-aware */
return ret;
}
diff --git a/ldap/servers/plugins/cos/cos_cache.c b/ldap/servers/plugins/cos/cos_cache.c
index bfb585e..6265728 100644
--- a/ldap/servers/plugins/cos/cos_cache.c
+++ b/ldap/servers/plugins/cos/cos_cache.c
@@ -679,57 +679,58 @@ static int cos_cache_build_definition_list(cosDefinitions **pDefs, int *vattr_ca
if(pSuffixSearch)
slapi_pblock_get( pSuffixSearch, SLAPI_PLUGIN_INTOP_RESULT, &ret);
- if(pSuffixSearch && ret == LDAP_SUCCESS)
+ if(!pSuffixSearch || ret != LDAP_SUCCESS) {
+ LDAPDebug( LDAP_DEBUG_ANY,
+ "cos_cache_build_definition_list: failed to find suffixes\n",
+ 0,0,0);
+ ret = -1;
+ goto next;
+ }
+
+ /* iterate through the suffixes and search for cos definitions */
+ slapi_pblock_get( pSuffixSearch, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES,
+ &pSuffixList );
+ if(!pSuffixList) {
+ goto next;
+ }
+ while(pSuffixList[suffixIndex])
{
- /* iterate through the suffixes and search for cos definitions */
- slapi_pblock_get( pSuffixSearch, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &pSuffixList);
- if(pSuffixList)
+ if(!slapi_entry_first_attr(pSuffixList[suffixIndex], &suffixAttr))
{
- while(pSuffixList[suffixIndex])
+ do
{
- if(!slapi_entry_first_attr(pSuffixList[suffixIndex], &suffixAttr))
+ attrType = 0;
+ slapi_attr_get_type(suffixAttr, &attrType);
+ if(attrType && !slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"namingcontexts"))
{
- do
+ if(!slapi_attr_get_bervals_copy(suffixAttr, &suffixVals))
{
- attrType = 0;
- slapi_attr_get_type(suffixAttr, &attrType);
- if(attrType && !slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"namingcontexts"))
+ valIndex = 0;
+
+ if(suffixVals)
{
- if(!slapi_attr_get_bervals_copy(suffixAttr, &suffixVals))
+ while(suffixVals[valIndex])
{
- valIndex = 0;
-
- if(suffixVals)
- {
- while(suffixVals[valIndex])
- {
- /* here's a suffix, lets search it... */
- if(suffixVals[valIndex]->bv_val)
- if(!cos_cache_add_dn_defs(suffixVals[valIndex]->bv_val ,pDefs, vattr_cacheable))
- cos_def_available = 1;
-
- valIndex++;
- }
+ /* here's a suffix, lets search it... */
+ if(suffixVals[valIndex]->bv_val)
+ if(!cos_cache_add_dn_defs(suffixVals[valIndex]->bv_val ,pDefs, vattr_cacheable))
+ cos_def_available = 1;
+
+ valIndex++;
+ }
- ber_bvecfree( suffixVals );
- suffixVals = NULL;
- }
- }
+ ber_bvecfree( suffixVals );
+ suffixVals = NULL;
}
-
- } while(!slapi_entry_next_attr(pSuffixList[suffixIndex], suffixAttr, &suffixAttr));
+ }
}
- suffixIndex++;
- }
+
+ } while(!slapi_entry_next_attr(pSuffixList[suffixIndex], suffixAttr, &suffixAttr));
}
+ suffixIndex++;
}
- else
- {
- LDAPDebug( LDAP_DEBUG_ANY, "cos_cache_build_definition_list: failed to find suffixes\n",0,0,0);
- ret = -1;
- }
-
+next:
if(cos_def_available == 0)
{
if(firstTime)
@@ -768,7 +769,8 @@ struct dn_defs_info {
* if a particular attempt to add a definition fails: info.ret gets set to
* zero only if we succed to add a def.
*/
-static int cos_dn_defs_cb (Slapi_Entry* e, void *callback_data) {
+static int cos_dn_defs_cb (Slapi_Entry* e, void *callback_data)
+{
struct dn_defs_info *info;
cosAttrValue **pSneakyVal = 0;
cosAttrValue *pObjectclass = 0;
@@ -793,286 +795,276 @@ static int cos_dn_defs_cb (Slapi_Entry* e, void *callback_data) {
info->vattr_cacheable = -1;
cos_cache_add_attrval(&pDn, slapi_entry_get_dn(e));
- if(!slapi_entry_first_attr(e, &dnAttr))
- {
- do
+ if(slapi_entry_first_attr(e, &dnAttr)) {
+ goto bail;
+ }
+
+ do {
+ attrType = 0;
+ /* we need to fill in the details of the definition now */
+ slapi_attr_get_type(dnAttr, &attrType);
+ if(!attrType) {
+ continue;
+ }
+ pSneakyVal = 0;
+ if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"objectclass"))
+ pSneakyVal = &pObjectclass;
+ else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosTargetTree"))
+ pSneakyVal = &pCosTargetTree;
+ else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosTemplateDn"))
+ pSneakyVal = &pCosTemplateDn;
+ else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosSpecifier"))
+ pSneakyVal = &pCosSpecifier;
+ else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosAttribute"))
+ pSneakyVal = &pCosAttribute;
+ else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosIndirectSpecifier"))
+ pSneakyVal = &pCosSpecifier;
+ if(!pSneakyVal) {
+ continue;
+ }
+ /* It's a type we're interested in */
+ if(slapi_attr_get_bervals_copy(dnAttr, &dnVals)) {
+ continue;
+ }
+ valIndex = 0;
+ if(!dnVals) {
+ continue;
+ }
+ for (valIndex = 0; dnVals[valIndex]; valIndex++)
{
- attrType = 0;
- /* we need to fill in the details of the definition now */
- slapi_attr_get_type(dnAttr, &attrType);
- if(attrType)
+ if(!dnVals[valIndex]->bv_val) {
+ continue;
+ }
+ /*
+ parse any overide or default values
+ and deal with them
+ */
+ if(pSneakyVal == &pCosAttribute)
{
- pSneakyVal = 0;
- if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"objectclass"))
- pSneakyVal = &pObjectclass;
- else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosTargetTree"))
- pSneakyVal = &pCosTargetTree;
- else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosTemplateDn"))
- pSneakyVal = &pCosTemplateDn;
- else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosSpecifier"))
- pSneakyVal = &pCosSpecifier;
- else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosAttribute"))
- pSneakyVal = &pCosAttribute;
- else if(!slapi_utf8casecmp((unsigned char*)attrType, (unsigned char*)"cosIndirectSpecifier"))
- pSneakyVal = &pCosSpecifier;
- if(pSneakyVal)
+ int qualifier_hit = 0;
+ int op_qualifier_hit = 0;
+ int merge_schemes_qualifier_hit = 0;
+ int override_qualifier_hit =0;
+ int default_qualifier_hit = 0;
+ int operational_default_qualifier_hit = 0;
+ do
{
- /* It's a type we're interested in */
- if(!slapi_attr_get_bervals_copy(dnAttr, &dnVals))
+ qualifier_hit = 0;
+
+ if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " operational"))
{
- valIndex = 0;
- if(dnVals)
- {
- while(dnVals[valIndex])
- {
- if(dnVals[valIndex]->bv_val)
- {
- /*
- parse any overide or default values
- and deal with them
- */
- if(pSneakyVal == &pCosAttribute)
- {
- int qualifier_hit = 0;
- int op_qualifier_hit = 0;
- int merge_schemes_qualifier_hit = 0;
- int override_qualifier_hit =0;
- int default_qualifier_hit = 0;
- int operational_default_qualifier_hit = 0;
- do
- {
- qualifier_hit = 0;
+ /* matched */
+ op_qualifier_hit = 1;
+ qualifier_hit = 1;
+ }
+
+ if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " merge-schemes"))
+ {
+ /* matched */
+ merge_schemes_qualifier_hit = 1;
+ qualifier_hit = 1;
+ }
- if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " operational"))
- {
- /* matched */
- op_qualifier_hit = 1;
- qualifier_hit = 1;
- }
-
- if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " merge-schemes"))
- {
- /* matched */
- merge_schemes_qualifier_hit = 1;
- qualifier_hit = 1;
- }
+ if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " override"))
+ {
+ /* matched */
+ override_qualifier_hit = 1;
+ qualifier_hit = 1;
+ }
+
+ if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " default")) {
+ default_qualifier_hit = 1;
+ qualifier_hit = 1;
+ }
- if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " override"))
- {
- /* matched */
- override_qualifier_hit = 1;
- qualifier_hit = 1;
- }
-
- if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " default")) {
- default_qualifier_hit = 1;
- qualifier_hit = 1;
- }
+ if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " operational-default")) {
+ operational_default_qualifier_hit = 1;
+ qualifier_hit = 1;
+ }
+ }
+ while(qualifier_hit == 1);
- if(cos_cache_backwards_stricmp_and_clip(dnVals[valIndex]->bv_val, " operational-default")) {
- operational_default_qualifier_hit = 1;
- qualifier_hit = 1;
- }
- }
- while(qualifier_hit == 1);
-
- /*
- * At this point, dnVals[valIndex]->bv_val
- * is the value of cosAttribute, stripped of
- * any qualifiers, so add this pure attribute type to
- * the appropriate lists.
- */
-
- if ( op_qualifier_hit ) {
- cos_cache_add_attrval(&pCosOperational,
- dnVals[valIndex]->bv_val);
- }
- if ( merge_schemes_qualifier_hit ) {
- cos_cache_add_attrval(&pCosMerge,
- dnVals[valIndex]->bv_val);
- }
- if ( override_qualifier_hit ) {
- cos_cache_add_attrval(&pCosOverrides,
- dnVals[valIndex]->bv_val);
- }
- if ( default_qualifier_hit ) {
- /* attr is added below in pSneakyVal, in any case */
- }
+ /*
+ * At this point, dnVals[valIndex]->bv_val
+ * is the value of cosAttribute, stripped of
+ * any qualifiers, so add this pure attribute type to
+ * the appropriate lists.
+ */
+
+ if ( op_qualifier_hit ) {
+ cos_cache_add_attrval(&pCosOperational,
+ dnVals[valIndex]->bv_val);
+ }
+ if ( merge_schemes_qualifier_hit ) {
+ cos_cache_add_attrval(&pCosMerge, dnVals[valIndex]->bv_val);
+ }
+ if ( override_qualifier_hit ) {
+ cos_cache_add_attrval(&pCosOverrides,
+ dnVals[valIndex]->bv_val);
+ }
+ if ( default_qualifier_hit ) {
+ /* attr is added below in pSneakyVal, in any case */
+ }
- if ( operational_default_qualifier_hit ) {
- cos_cache_add_attrval(&pCosOpDefault,
- dnVals[valIndex]->bv_val);
- }
+ if ( operational_default_qualifier_hit ) {
+ cos_cache_add_attrval(&pCosOpDefault,
+ dnVals[valIndex]->bv_val);
+ }
- if(!pCosTargetTree)
- {
- /* get the parent of the definition */
-
- char *parent = NULL;
- size_t plen = 0;
- int rc = 0;
- char *orig = slapi_dn_parent(pDn->val);
- rc = slapi_dn_normalize_ext(orig,
- 0, &parent, &plen);
- if (rc < 0) {
- LDAPDebug(LDAP_DEBUG_ANY,
- "cos_cache_build_definition_list: failed to normalize parent dn %s. Adding the pre normalized dn.\n", orig, 0, 0);
- parent = orig;
- } else if (rc == 0) {
- /* passed in. not terminated */
- *(parent + plen) = '\0';
- }
-
- cos_cache_add_attrval(&pCosTargetTree, parent);
- if(!pCosTemplateDn)
- cos_cache_add_attrval(&pCosTemplateDn, parent);
-
- if (orig != parent) {
- slapi_ch_free_string(&orig);
- }
- slapi_ch_free_string(&parent);
- }
-
- slapi_vattrspi_regattr((vattr_sp_handle *)vattr_handle, dnVals[valIndex]->bv_val, NULL, NULL);
- } /* if(attrType is cosAttribute) */
-
- /*
- * Add the attributetype to the appropriate
- * list.
- */
- cos_cache_add_attrval(pSneakyVal,
- dnVals[valIndex]->bv_val);
- }/*if(dnVals[valIndex]->bv_val)*/
-
- valIndex++;
- }/* while(dnVals[valIndex]) */
-
- ber_bvecfree( dnVals );
- dnVals = NULL;
- }/*if(dnVals)*/
+ if(!pCosTargetTree)
+ {
+ /* get the parent of the definition */
+ char *orig = slapi_dn_parent(pDn->val);
+ Slapi_DN *psdn = slapi_sdn_new_dn_byval(orig);
+ char *parent = (char *)slapi_sdn_get_dn(psdn);
+ if (!parent) {
+ parent = (char *)slapi_sdn_get_udn(psdn);
+ LDAPDebug(LDAP_DEBUG_ANY,
+ "cos_cache_build_definition_list: "
+ "failed to normalize parent dn %s. "
+ "Adding the pre normalized dn.\n",
+ parent, 0, 0);
}
- }/*if(pSneakyVal)*/
- }/*if(attrType)*/
+ cos_cache_add_attrval(&pCosTargetTree, parent);
+ if (!pCosTemplateDn) {
+ cos_cache_add_attrval(&pCosTemplateDn, parent);
+ }
+ slapi_sdn_free(&psdn);
+ }
+
+ slapi_vattrspi_regattr((vattr_sp_handle *)vattr_handle,
+ dnVals[valIndex]->bv_val, NULL, NULL);
+ } /* if(attrType is cosAttribute) */
+
+ /*
+ * Add the attributetype to the appropriate
+ * list.
+ */
+ cos_cache_add_attrval(pSneakyVal, dnVals[valIndex]->bv_val);
- } while(!slapi_entry_next_attr(e, dnAttr, &dnAttr));
+ }/* for (valIndex = 0; dnVals[valIndex]; valIndex++) */
- /*
- determine the type of class of service scheme
- */
-
- if(pObjectclass)
+ ber_bvecfree( dnVals );
+ dnVals = NULL;
+ } while(!slapi_entry_next_attr(e, dnAttr, &dnAttr));
+
+ /*
+ determine the type of class of service scheme
+ */
+
+ if(pObjectclass)
+ {
+ if(cos_cache_attrval_exists(pObjectclass, "cosDefinition"))
{
- if(cos_cache_attrval_exists(pObjectclass, "cosDefinition"))
- {
- cosType = COSTYPE_CLASSIC;
- }
- else if(cos_cache_attrval_exists(pObjectclass, "cosClassicDefinition"))
- {
- cosType = COSTYPE_CLASSIC;
-
- }
- else if(cos_cache_attrval_exists(pObjectclass, "cosPointerDefinition"))
- {
- cosType = COSTYPE_POINTER;
-
- }
- else if(cos_cache_attrval_exists(pObjectclass, "cosIndirectDefinition"))
- {
- cosType = COSTYPE_INDIRECT;
-
- }
- else
- cosType = COSTYPE_BADTYPE;
+ cosType = COSTYPE_CLASSIC;
}
-
- /*
- we should now have a full definition,
- do some sanity checks because we don't
- want bogus entries in the cache
- then ship it
- */
-
- /* these must exist */
- if( pDn &&
- pObjectclass &&
+ else if(cos_cache_attrval_exists(pObjectclass, "cosClassicDefinition"))
+ {
+ cosType = COSTYPE_CLASSIC;
- (
- (cosType == COSTYPE_CLASSIC &&
- pCosTemplateDn &&
- pCosSpecifier &&
- pCosAttribute )
- ||
- (cosType == COSTYPE_POINTER &&
- pCosTemplateDn &&
- pCosAttribute )
- ||
- (cosType == COSTYPE_INDIRECT &&
- pCosSpecifier &&
- pCosAttribute )
- )
- )
+ }
+ else if(cos_cache_attrval_exists(pObjectclass, "cosPointerDefinition"))
{
- int rc = 0;
- /*
- we'll leave the referential integrity stuff
- up to the referint plug-in and assume all
- is good - if it's not then we just have a
- useless definition and we'll nag copiously later.
- */
- char *pTmpDn = slapi_ch_strdup(pDn->val); /* because dn gets hosed on error */
- char ebuf[ BUFSIZ ];
+ cosType = COSTYPE_POINTER;
- if(!(rc = cos_cache_add_defn(info->pDefs, &pDn, cosType,
- &pCosTargetTree, &pCosTemplateDn,
- &pCosSpecifier, &pCosAttribute,
- &pCosOverrides, &pCosOperational,
- &pCosMerge, &pCosOpDefault))) {
- info->ret = 0; /* we have succeeded to add the defn*/
- } else {
- /*
- * Failed but we will continue the search for other defs
- * Don't reset info->ret....it keeps track of any success
- */
- if ( rc == COS_DEF_ERROR_NO_TEMPLATES) {
- LDAPDebug(LDAP_DEBUG_ANY, "Skipping CoS Definition %s"
- "--no CoS Templates found, "
- "which should be added before the CoS Definition.\n",
- escape_string(pTmpDn, ebuf), 0, 0);
- } else {
- LDAPDebug(LDAP_DEBUG_ANY, "Skipping CoS Definition %s\n"
- "--error(%d)\n",
- escape_string(pTmpDn, ebuf), rc, 0);
- }
- }
+ }
+ else if(cos_cache_attrval_exists(pObjectclass, "cosIndirectDefinition"))
+ {
+ cosType = COSTYPE_INDIRECT;
- slapi_ch_free_string(&pTmpDn);
}
else
- {
- /*
- this definition is brain dead - bail
- if we have a dn use it to report, if not then *really* bad
- things are going on
+ cosType = COSTYPE_BADTYPE;
+ }
+
+ /*
+ we should now have a full definition,
+ do some sanity checks because we don't
+ want bogus entries in the cache
+ then ship it
+ */
+
+ /* these must exist */
+ if( pDn &&
+ pObjectclass &&
+
+ (
+ (cosType == COSTYPE_CLASSIC &&
+ pCosTemplateDn &&
+ pCosSpecifier &&
+ pCosAttribute )
+ ||
+ (cosType == COSTYPE_POINTER &&
+ pCosTemplateDn &&
+ pCosAttribute )
+ ||
+ (cosType == COSTYPE_INDIRECT &&
+ pCosSpecifier &&
+ pCosAttribute )
+ )
+ )
+ {
+ int rc = 0;
+ /*
+ we'll leave the referential integrity stuff
+ up to the referint plug-in and assume all
+ is good - if it's not then we just have a
+ useless definition and we'll nag copiously later.
+ */
+ char *pTmpDn = slapi_ch_strdup(pDn->val); /* because dn gets hosed on error */
+ char ebuf[ BUFSIZ ];
+
+ if(!(rc = cos_cache_add_defn(info->pDefs, &pDn, cosType,
+ &pCosTargetTree, &pCosTemplateDn,
+ &pCosSpecifier, &pCosAttribute,
+ &pCosOverrides, &pCosOperational,
+ &pCosMerge, &pCosOpDefault))) {
+ info->ret = 0; /* we have succeeded to add the defn*/
+ } else {
+ /*
+ * Failed but we will continue the search for other defs
+ * Don't reset info->ret....it keeps track of any success
*/
- if(pDn)
- {
- LDAPDebug( LDAP_DEBUG_ANY, "cos_cache_add_dn_defs: incomplete cos definition detected in %s, discarding from cache.\n",pDn->val,0,0);
+ if ( rc == COS_DEF_ERROR_NO_TEMPLATES) {
+ LDAPDebug(LDAP_DEBUG_ANY, "Skipping CoS Definition %s"
+ "--no CoS Templates found, "
+ "which should be added before the CoS Definition.\n",
+ escape_string(pTmpDn, ebuf), 0, 0);
+ } else {
+ LDAPDebug(LDAP_DEBUG_ANY, "Skipping CoS Definition %s\n"
+ "--error(%d)\n",
+ escape_string(pTmpDn, ebuf), rc, 0);
}
- else
- LDAPDebug( LDAP_DEBUG_ANY, "cos_cache_add_dn_defs: incomplete cos definition detected, no DN to report, discarding from cache.\n",0,0,0);
-
- if(pCosTargetTree)
- cos_cache_del_attrval_list(&pCosTargetTree);
- if(pCosTemplateDn)
- cos_cache_del_attrval_list(&pCosTemplateDn);
- if(pCosSpecifier)
- cos_cache_del_attrval_list(&pCosSpecifier);
- if(pCosAttribute)
- cos_cache_del_attrval_list(&pCosAttribute);
- if(pDn)
- cos_cache_del_attrval_list(&pDn);
}
- }/*if(!slapi_entry_first_attr(e, &dnAttr))*/
+
+ slapi_ch_free_string(&pTmpDn);
+ }
+ else
+ {
+ /*
+ this definition is brain dead - bail
+ if we have a dn use it to report, if not then *really* bad
+ things are going on
+ */
+ if(pDn)
+ {
+ LDAPDebug( LDAP_DEBUG_ANY, "cos_cache_add_dn_defs: incomplete cos definition detected in %s, discarding from cache.\n",pDn->val,0,0);
+ }
+ else
+ LDAPDebug( LDAP_DEBUG_ANY, "cos_cache_add_dn_defs: incomplete cos definition detected, no DN to report, discarding from cache.\n",0,0,0);
+
+ if(pCosTargetTree)
+ cos_cache_del_attrval_list(&pCosTargetTree);
+ if(pCosTemplateDn)
+ cos_cache_del_attrval_list(&pCosTemplateDn);
+ if(pCosSpecifier)
+ cos_cache_del_attrval_list(&pCosSpecifier);
+ if(pCosAttribute)
+ cos_cache_del_attrval_list(&pCosAttribute);
+ if(pDn)
+ cos_cache_del_attrval_list(&pDn);
+ }
+bail:
/* we don't keep the objectclasses, so lets free them */
if(pObjectclass) {
cos_cache_del_attrval_list(&pObjectclass);
@@ -1544,7 +1536,8 @@ static void cos_cache_del_attrval_list(cosAttrValue **pVal)
---------------------
adds a value to an attribute value list
*/
-static int cos_cache_add_attrval(cosAttrValue **attrval, char *val)
+static int
+cos_cache_add_attrval(cosAttrValue **attrval, char *val)
{
int ret = 0;
cosAttrValue *theVal;
@@ -1953,36 +1946,28 @@ static int cos_cache_add_tmpl(cosTemplates **pTemplates, cosAttrValue *dn, cosAt
char *grade = NULL;
int grade_index = 0;
int index = 0;
- int lastindex = 0;
int template_default = 0;
- char *dnval = NULL;
- size_t dnlen = 0;
- int rc = 0;
-
- rc = slapi_dn_normalize_ext(dn->val, 0, &dnval, &dnlen);
- if (rc < 0) {
+ char *ptr = NULL;
+ char *normed = slapi_create_dn_string("%s", dn->val);
+ if (normed) {
+ slapi_ch_free_string(&dn->val);
+ dn->val = normed;
+ } else {
LDAPDebug(LDAP_DEBUG_ANY,
"cos_cache_add_tmpl: failed to normalize dn %s. "
- "Processing the pre normalized dn.\n", dn->val, 0, 0);
- } else if (rc == 0) {
- /* passed in. not terminated */
- *(dnval + dnlen) = '\0';
- } else {
- slapi_ch_free_string(&dn->val);
- dn->val = dnval;
+ "Processing the pre normalized dn.\n",
+ dn->val, 0, 0);
}
grade = (char*)slapi_ch_malloc(strlen(dn->val)+1);
/* extract the cos grade */
- while(dn->val[index] != '=' && dn->val[index] != '\0')
- index++;
- lastindex = strlen(dn->val) - 1;
-
- if(dn->val[index] == '=')
+ ptr = strchr(dn->val, '=');
+
+ if (ptr)
{
int quotes = 0;
-
- index++;
+ int lastindex = strlen(dn->val) - 1;
+ index = ptr - dn->val + 1;
/* copy the grade (supports one level of quote nesting in rdn) */
while(dn->val[index] != ',' || dn->val[index-1] == '\\' || quotes == 1)
@@ -2405,21 +2390,15 @@ static int cos_cache_query_attr(cos_cache *ptheCache, vattr_context *context, Sl
while((hit == 0 || merge_mode) && pTargetTree)
{
{
- int rc = 0;
- char *tval = NULL;
- size_t tlen = 0;
- rc = slapi_dn_normalize_ext(pTargetTree->val, 0, &tval, &tlen);
- if (rc < 0) {
+ char *normed = slapi_create_dn_string("%s", pTargetTree->val);
+ if (normed) {
+ slapi_ch_free_string(&pTargetTree->val);
+ pTargetTree->val = normed;
+ } else {
LDAPDebug(LDAP_DEBUG_ANY,
"cos_cache_query_attr: failed to normalize dn %s. "
"Processing the pre normalized dn.\n",
pTargetTree->val, 0, 0);
- } else if (rc == 0) {
- /* passed in. not terminated */
- *(tval + tlen) = '\0';
- } else {
- slapi_ch_free_string(&pTargetTree->val);
- pTargetTree->val = tval;
}
}
if( pTargetTree->val == 0 ||
@@ -2943,22 +2922,15 @@ static int cos_cache_index_all(cosCache *pCache)
while(pAttrVal)
{
- int rc = 0;
- char *dnval = NULL;
- size_t dnlen = 0;
- rc = slapi_dn_normalize_ext(pAttrVal->val, 0,
- &dnval, &dnlen);
- if (rc < 0) {
+ char *normed = slapi_create_dn_string("%s", pAttrVal->val);
+ if (normed) {
+ slapi_ch_free_string(&pAttrVal->val);
+ pAttrVal->val = normed;
+ } else {
LDAPDebug(LDAP_DEBUG_ANY,
"cos_cache_index_all: failed to normalize dn %s. "
"Processing the pre normalized dn.\n",
pAttrVal->val, 0, 0);
- } else if (rc == 0) {
- /* passed in. not terminated */
- *(dnval + dnlen) = '\0';
- } else {
- slapi_ch_free_string(&pAttrVal->val);
- pAttrVal->val = dnval;
}
pCache->ppTemplateList[tmpindex] = pAttrVal->val;
@@ -3356,7 +3328,8 @@ bail:
*/
void cos_cache_change_notify(Slapi_PBlock *pb)
{
- char *dn;
+ const char *dn;
+ Slapi_DN *sdn = NULL;
int do_update = 0;
struct slapi_entry *e;
Slapi_Backend *be=NULL;
@@ -3372,11 +3345,12 @@ void cos_cache_change_notify(Slapi_PBlock *pb)
goto bail;
/* need to work out if a cache rebuild is necessary */
- if(slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn ))
+ if(slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn ))
{
LDAPDebug( LDAP_DEBUG_ANY, "cos_cache_change_notify: failed to get dn of changed entry",0,0,0);
goto bail;
}
+ dn = slapi_sdn_get_dn(sdn);
slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &rc);
if (0 != rc) {
diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c
index 2f4dd02..858a0d7 100644
--- a/ldap/servers/plugins/dna/dna.c
+++ b/ldap/servers/plugins/dna/dna.c
@@ -172,7 +172,7 @@ static PRCList *dna_global_config = NULL;
static Slapi_RWLock *g_dna_cache_lock;
static void *_PluginID = NULL;
-static char *_PluginDN = NULL;
+static const char *_PluginDN = NULL;
static int g_plugin_started = 0;
@@ -227,6 +227,7 @@ static int dna_load_host_port();
*
*/
static char *dna_get_dn(Slapi_PBlock * pb);
+static Slapi_DN *dna_get_sdn(Slapi_PBlock * pb);
static int dna_dn_is_config(char *dn);
static int dna_get_next_value(struct configEntry * config_entry,
char **next_value_ret);
@@ -330,12 +331,12 @@ void *getPluginID()
return _PluginID;
}
-void setPluginDN(char *pluginDN)
+void setPluginDN(const char *pluginDN)
{
_PluginDN = pluginDN;
}
-char *getPluginDN()
+const char *getPluginDN()
{
return _PluginDN;
}
@@ -489,7 +490,8 @@ dna_exop_init(Slapi_PBlock * pb)
static int
dna_start(Slapi_PBlock * pb)
{
- char *plugindn = NULL;
+ Slapi_DN *pluginsdn = NULL;
+ const char *plugindn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
"--> dna_start\n");
@@ -513,12 +515,13 @@ dna_start(Slapi_PBlock * pb)
* and store it for future use. This should avoid
* hardcoding of DN's in the code.
*/
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &plugindn);
- if (NULL == plugindn || 0 == strlen(plugindn)) {
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &pluginsdn);
+ if (NULL == pluginsdn || 0 == slapi_sdn_get_ndn_len(pluginsdn)) {
slapi_log_error(SLAPI_LOG_PLUGIN, DNA_PLUGIN_SUBSYSTEM,
"dna_start: had to use hard coded config dn\n");
plugindn = DNA_DN;
} else {
+ plugindn = slapi_sdn_get_dn(pluginsdn);
slapi_log_error(SLAPI_LOG_PLUGIN, DNA_PLUGIN_SUBSYSTEM,
"dna_start: config at %s\n", plugindn);
@@ -857,12 +860,17 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
Slapi_DN *sdn = NULL;
char *normdn = NULL;
- sdn = slapi_sdn_new_dn_byref(value);
+ sdn = slapi_sdn_new_dn_passin(value);
- if (sdn) {
- slapi_search_internal_get_entry(sdn, NULL, &shared_e, getPluginID());
- slapi_sdn_free(&sdn);
+ if (!sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ "dna_parse_config_entry: Unable to create "
+ "slapi_dn (%s)\n", value);
+ ret = DNA_FAILURE;
+ slapi_ch_free_string(&value);
+ goto bail;
}
+ slapi_search_internal_get_entry(sdn, NULL, &shared_e, getPluginID());
/* Make sure that the shared config entry exists. */
if (!shared_e) {
@@ -872,23 +880,23 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
"dna_parse_config_entry: Unable to locate "
"shared configuration entry (%s)\n", value);
ret = DNA_FAILURE;
- slapi_ch_free_string(&value);
+ slapi_sdn_free(&sdn);
goto bail;
} else {
slapi_entry_free(shared_e);
shared_e = NULL;
}
- normdn = slapi_create_dn_string("%s", value);
+ normdn = (char *)slapi_sdn_get_dn(sdn);
if (NULL == normdn) {
slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
"dna_parse_config_entry: failed to normalize dn: "
"%s\n", value);
ret = DNA_FAILURE;
- slapi_ch_free_string(&value);
+ slapi_sdn_free(&sdn);
goto bail;
}
- entry->shared_cfg_base = normdn;
+ entry->shared_cfg_base = slapi_ch_strdup(normdn);
/* We prepend the host & port of this instance as a
* multi-part RDN for the shared config entry. */
@@ -900,7 +908,7 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
"%s=%s+%s=%s,%s", DNA_HOSTNAME,
hostname, DNA_PORTNUM, portnum, value);
ret = DNA_FAILURE;
- slapi_ch_free_string(&value);
+ slapi_sdn_free(&sdn);
goto bail;
}
entry->shared_cfg_dn = normdn;
@@ -908,7 +916,7 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
"----------> %s [%s]\n", DNA_SHARED_CFG_DN,
entry->shared_cfg_base);
- slapi_ch_free_string(&value);
+ slapi_sdn_free(&sdn);
}
value = slapi_entry_attr_get_charptr(e, DNA_THRESHOLD);
@@ -1725,11 +1733,11 @@ bail:
static char *dna_get_dn(Slapi_PBlock * pb)
{
- char *dn = 0;
+ Slapi_DN *sdn = 0;
slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
"--> dna_get_dn\n");
- if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn)) {
+ if (slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn)) {
slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
"dna_get_dn: failed to get dn of changed entry");
goto bail;
@@ -1739,7 +1747,20 @@ static char *dna_get_dn(Slapi_PBlock * pb)
slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
"<-- dna_get_dn\n");
- return dn;
+ return (char *)slapi_sdn_get_dn(sdn);
+}
+
+static Slapi_DN *
+dna_get_sdn(Slapi_PBlock * pb)
+{
+ Slapi_DN *sdn = 0;
+ slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
+ "--> dna_get_sdn\n");
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
+ "<-- dna_get_sdn\n");
+
+ return sdn;
}
/* config check
@@ -2785,10 +2806,9 @@ static int dna_pre_op(Slapi_PBlock * pb, int modtype)
*
slapi_pblock_get( pb, SLAPI_MODIFY_EXISTING_ENTRY, &e);
*/
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
+ Slapi_DN *tmp_dn = dna_get_sdn(pb);
if (tmp_dn) {
slapi_search_internal_get_entry(tmp_dn, 0, &e, getPluginID());
- slapi_sdn_free(&tmp_dn);
free_entry = 1;
}
diff --git a/ldap/servers/plugins/linkedattrs/fixup_task.c b/ldap/servers/plugins/linkedattrs/fixup_task.c
index d550570..d5d0b14 100644
--- a/ldap/servers/plugins/linkedattrs/fixup_task.c
+++ b/ldap/servers/plugins/linkedattrs/fixup_task.c
@@ -279,7 +279,7 @@ static int
linked_attrs_remove_backlinks_callback(Slapi_Entry *e, void *callback_data)
{
int rc = 0;
- char *dn = slapi_entry_get_dn(e);
+ Slapi_DN *sdn = slapi_entry_get_sdn(e);
char *type = (char *)callback_data;
Slapi_PBlock *pb = slapi_pblock_new();
char *val[1];
@@ -298,11 +298,11 @@ linked_attrs_remove_backlinks_callback(Slapi_Entry *e, void *callback_data)
slapi_log_error(SLAPI_LOG_PLUGIN, LINK_PLUGIN_SUBSYSTEM,
"Removing backpointer attribute (%s) from entry (%s)\n",
- type, dn);
+ type, slapi_sdn_get_dn(sdn));
/* Perform the operation. */
- slapi_modify_internal_set_pb(pb, dn, mods, 0, 0,
- linked_attrs_get_plugin_id(), 0);
+ slapi_modify_internal_set_pb_ext(pb, sdn, mods, 0, 0,
+ linked_attrs_get_plugin_id(), 0);
slapi_modify_internal_pb(pb);
slapi_pblock_destroy(pb);
@@ -339,6 +339,7 @@ linked_attrs_add_backlinks_callback(Slapi_Entry *e, void *callback_data)
for (i = 0; targets && targets[i]; ++i) {
char *targetdn = (char *)targets[i];
int perform_update = 0;
+ Slapi_DN *targetsdn = slapi_sdn_new_dn_byref(targetdn);
if (config->scope) {
/* Check if the target is within the scope. */
@@ -348,14 +349,12 @@ linked_attrs_add_backlinks_callback(Slapi_Entry *e, void *callback_data)
* and see if the target is in the same backend. */
Slapi_Backend *be = NULL;
Slapi_DN *linksdn = slapi_sdn_new_dn_byref(linkdn);
- Slapi_DN *targetsdn = slapi_sdn_new_dn_byref(targetdn);
if ((be = slapi_be_select(linksdn))) {
perform_update = slapi_sdn_issuffix(targetsdn, slapi_be_getsuffix(be, 0));
}
slapi_sdn_free(&linksdn);
- slapi_sdn_free(&targetsdn);
}
if (perform_update) {
@@ -364,13 +363,14 @@ linked_attrs_add_backlinks_callback(Slapi_Entry *e, void *callback_data)
linkdn, targetdn);
/* Perform the modify operation. */
- slapi_modify_internal_set_pb(pb, targetdn, mods, 0, 0,
- linked_attrs_get_plugin_id(), 0);
+ slapi_modify_internal_set_pb_ext(pb, targetsdn, mods, 0, 0,
+ linked_attrs_get_plugin_id(), 0);
slapi_modify_internal_pb(pb);
/* Initialize the pblock so we can reuse it. */
slapi_pblock_init(pb);
}
+ slapi_sdn_free(&targetsdn);
}
slapi_ch_array_free(targets);
diff --git a/ldap/servers/plugins/linkedattrs/linked_attrs.c b/ldap/servers/plugins/linkedattrs/linked_attrs.c
index 75df753..5c6d462 100644
--- a/ldap/servers/plugins/linkedattrs/linked_attrs.c
+++ b/ldap/servers/plugins/linkedattrs/linked_attrs.c
@@ -94,6 +94,7 @@ static void linked_attrs_free_config_entry(struct configEntry ** entry);
* helpers
*/
static char *linked_attrs_get_dn(Slapi_PBlock * pb);
+static Slapi_DN *linked_attrs_get_sdn(Slapi_PBlock * pb);
static int linked_attrs_dn_is_config(char *dn);
static void linked_attrs_find_config(const char *dn, const char *type,
struct configEntry **config);
@@ -152,9 +153,9 @@ linked_attrs_get_plugin_id()
}
void
-linked_attrs_set_plugin_dn(char *pluginDN)
+linked_attrs_set_plugin_dn(const char *pluginDN)
{
- _PluginDN = pluginDN;
+ _PluginDN = (char *)pluginDN;
}
char *
@@ -281,7 +282,7 @@ linked_attrs_postop_init(Slapi_PBlock *pb)
static int
linked_attrs_start(Slapi_PBlock * pb)
{
- char *plugindn = NULL;
+ Slapi_DN *plugindn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
"--> linked_attrs_start\n");
@@ -303,14 +304,14 @@ linked_attrs_start(Slapi_PBlock * pb)
/*
* Get the plug-in target dn from the system
* and store it for future use. */
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &plugindn);
- if (NULL == plugindn || 0 == strlen(plugindn)) {
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &plugindn);
+ if (NULL == plugindn || 0 == slapi_sdn_get_ndn_len(plugindn)) {
slapi_log_error(SLAPI_LOG_PLUGIN, LINK_PLUGIN_SUBSYSTEM,
"linked_attrs_start: unable to retrieve plugin dn\n");
return -1;
}
- linked_attrs_set_plugin_dn(plugindn);
+ linked_attrs_set_plugin_dn(slapi_sdn_get_dn(plugindn));
/*
* Load the config cache
@@ -540,7 +541,7 @@ linked_attrs_parse_config_entry(Slapi_Entry * e, int apply)
char *syntaxoid = NULL;
Slapi_Attr *attr = slapi_attr_new();
- /* Set this first so we free it if we encounter an error */
+ /* Set this first so we free it if we encounter an error */
entry->managedtype = value;
/* Gather some information about this attribute. */
@@ -816,21 +817,36 @@ linked_attrs_delete_config()
static char *
linked_attrs_get_dn(Slapi_PBlock * pb)
{
- char *dn = 0;
+ const char *dn = 0;
+ Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
"--> linked_attrs_get_dn\n");
- if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn)) {
+ if (slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn)) {
slapi_log_error(SLAPI_LOG_FATAL, LINK_PLUGIN_SUBSYSTEM,
"linked_attrs_get_dn: failed to get dn of changed entry");
goto bail;
}
+ dn = slapi_sdn_get_dn(sdn);
bail:
slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
"<-- linked_attrs_get_dn\n");
- return dn;
+ return (char *)dn;
+}
+
+static Slapi_DN *
+linked_attrs_get_sdn(Slapi_PBlock * pb)
+{
+ Slapi_DN *sdn = 0;
+ slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
+ "--> linked_attrs_get_sdn\n");
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
+ "<-- linked_attrs_get_sdn\n");
+
+ return sdn;
}
/*
@@ -1406,6 +1422,7 @@ linked_attrs_mod_backpointers(char *linkdn, char *type,
{
int perform_update = 0;
const char *targetdn = slapi_value_get_string(targetval);
+ Slapi_DN *targetsdn = slapi_sdn_new_dn_byref(targetdn);
/* If we have a scope, only update the target if it is within
* the scope. If we don't have a scope, only update the target
@@ -1415,14 +1432,12 @@ linked_attrs_mod_backpointers(char *linkdn, char *type,
} else {
Slapi_Backend *be = NULL;
Slapi_DN *linksdn = slapi_sdn_new_dn_byref(linkdn);
- Slapi_DN *targetsdn = slapi_sdn_new_dn_byref(targetdn);
if ((be = slapi_be_select(linksdn))) {
perform_update = slapi_sdn_issuffix(targetsdn, slapi_be_getsuffix(be, 0));
}
slapi_sdn_free(&linksdn);
- slapi_sdn_free(&targetsdn);
}
if (perform_update) {
@@ -1432,13 +1447,14 @@ linked_attrs_mod_backpointers(char *linkdn, char *type,
linkdn, targetdn);
/* Perform the modify operation. */
- slapi_modify_internal_set_pb(mod_pb, targetdn, mods, 0, 0,
- linked_attrs_get_plugin_id(), 0);
+ slapi_modify_internal_set_pb_ext(mod_pb, targetsdn, mods, 0, 0,
+ linked_attrs_get_plugin_id(), 0);
slapi_modify_internal_pb(mod_pb);
/* Initialize the pblock so we can reuse it. */
slapi_pblock_init(mod_pb);
}
+ slapi_sdn_free(&targetsdn);
i = slapi_valueset_next_value(targetvals, i, &targetval);
}
@@ -1488,10 +1504,10 @@ linked_attrs_pre_op(Slapi_PBlock * pb, int modop)
} else {
/* Fetch the entry being modified so we can
* create the resulting entry for validation. */
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
+ /* int free_sdn = 0; */
+ Slapi_DN *tmp_dn = linked_attrs_get_sdn(pb);
if (tmp_dn) {
slapi_search_internal_get_entry(tmp_dn, 0, &e, linked_attrs_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
free_entry = 1;
}
diff --git a/ldap/servers/plugins/linkedattrs/linked_attrs.h b/ldap/servers/plugins/linkedattrs/linked_attrs.h
index c6e6347..8dfb4f0 100644
--- a/ldap/servers/plugins/linkedattrs/linked_attrs.h
+++ b/ldap/servers/plugins/linkedattrs/linked_attrs.h
@@ -127,7 +127,7 @@ void linked_attrs_unlock();
*/
void linked_attrs_set_plugin_id(void *pluginID);
void *linked_attrs_get_plugin_id();
-void linked_attrs_set_plugin_dn(char *pluginDN);
+void linked_attrs_set_plugin_dn(const char *pluginDN);
char *linked_attrs_get_plugin_dn();
/*
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index c2d87bb..9956dfe 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -494,8 +494,8 @@ int memberof_del_dn_type_callback(Slapi_Entry *e, void *callback_data)
mod.mod_type = ((memberof_del_dn_data *)callback_data)->type;
mod.mod_values = val;
- slapi_modify_internal_set_pb(
- mod_pb, slapi_entry_get_dn(e),
+ slapi_modify_internal_set_pb_ext(
+ mod_pb, slapi_entry_get_sdn(e),
mods, 0, 0,
memberof_get_plugin_id(), 0);
@@ -752,8 +752,8 @@ int memberof_replace_dn_type_callback(Slapi_Entry *e, void *callback_data)
addmod.mod_type = ((replace_dn_data *)callback_data)->type;
addmod.mod_values = addval;
- slapi_modify_internal_set_pb(
- mod_pb, slapi_entry_get_dn(e),
+ slapi_modify_internal_set_pb_ext(
+ mod_pb, slapi_entry_get_sdn(e),
mods, 0, 0,
memberof_get_plugin_id(), 0);
@@ -1051,11 +1051,13 @@ bail:
*/
char *memberof_getdn(Slapi_PBlock *pb)
{
- char *dn = 0;
+ const char *dn = 0;
+ Slapi_DN *sdn = NULL;
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
-
- return dn;
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ dn = slapi_sdn_get_dn(sdn);
+
+ return (char *)dn;
}
/*
@@ -2385,6 +2387,7 @@ int memberof_fix_memberof_callback(Slapi_Entry *e, void *callback_data)
{
int rc = 0;
char *dn = slapi_entry_get_dn(e);
+ Slapi_DN *sdn = slapi_entry_get_sdn(e);
struct fix_memberof_callback_data *cb_data = (struct fix_memberof_callback_data *)callback_data;
MemberOfConfig *config = cb_data->config;
memberof_del_dn_data del_data = {0, config->memberof_attr, cb_data->txn};
@@ -2420,8 +2423,8 @@ int memberof_fix_memberof_callback(Slapi_Entry *e, void *callback_data)
mods[0] = slapi_mod_get_ldapmod_passout(smod);
mods[1] = 0;
- slapi_modify_internal_set_pb(
- mod_pb, dn, mods, 0, 0,
+ slapi_modify_internal_set_pb_ext(
+ mod_pb, sdn, mods, 0, 0,
memberof_get_plugin_id(), 0);
slapi_pblock_set(mod_pb, SLAPI_TXN, cb_data->txn);
diff --git a/ldap/servers/plugins/mep/mep.c b/ldap/servers/plugins/mep/mep.c
index 0241cd3..237ef91 100644
--- a/ldap/servers/plugins/mep/mep.c
+++ b/ldap/servers/plugins/mep/mep.c
@@ -94,11 +94,11 @@ static void mep_free_config_entry(struct configEntry ** entry);
/*
* helpers
*/
-static char *mep_get_dn(Slapi_PBlock * pb);
+static Slapi_DN *mep_get_sdn(Slapi_PBlock * pb);
static Slapi_DN *mep_get_config_area();
static void mep_set_config_area(Slapi_DN *sdn);
-static int mep_dn_is_config(char *dn);
-static int mep_dn_is_template(char *dn);
+static int mep_dn_is_config(Slapi_DN *sdn);
+static int mep_dn_is_template(const char *dn);
static void mep_find_config(Slapi_Entry *e, struct configEntry **config);
static void mep_find_config_by_template_dn(const char *template_dn,
struct configEntry **config);
@@ -109,7 +109,7 @@ static Slapi_Entry *mep_create_managed_entry(struct configEntry *config,
static void mep_add_managed_entry(struct configEntry *config,
Slapi_Entry *origin);
static void mep_rename_managed_entry(Slapi_Entry *origin,
- char *new_dn, char *old_dn);
+ Slapi_DN *new_dn, Slapi_DN *old_dn);
static Slapi_Mods *mep_get_mapped_mods(struct configEntry *config,
Slapi_Entry *origin, char **mapped_dn);
static int mep_parse_mapped_attr(char *mapping, Slapi_Entry *origin,
@@ -289,7 +289,7 @@ mep_postop_init(Slapi_PBlock *pb)
static int
mep_start(Slapi_PBlock * pb)
{
- char *plugindn = NULL;
+ Slapi_DN *plugindn = NULL;
char *config_area = NULL;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
@@ -312,14 +312,14 @@ mep_start(Slapi_PBlock * pb)
/*
* Get the plug-in target dn from the system
* and store it for future use. */
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &plugindn);
- if (NULL == plugindn || 0 == strlen(plugindn)) {
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &plugindn);
+ if (NULL == plugindn || 0 == slapi_sdn_get_ndn_len(plugindn)) {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_start: unable to retrieve plugin dn\n");
return -1;
}
- mep_set_plugin_sdn(slapi_sdn_new_dn_byref(plugindn));
+ mep_set_plugin_sdn(slapi_sdn_dup(plugindn));
/* Set the alternate config area if one is defined. */
slapi_pblock_get(pb, SLAPI_PLUGIN_CONFIG_AREA, &config_area);
@@ -434,8 +434,10 @@ mep_load_config()
/* Find the config entries beneath our plugin entry. */
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_load_config: Looking for config entries "
- "beneath \"%s\".\n", slapi_sdn_get_ndn(mep_get_plugin_sdn()));
- slapi_search_internal_set_pb(search_pb, slapi_sdn_get_ndn(mep_get_plugin_sdn()),
+ "beneath \"%s\".\n",
+ slapi_sdn_get_ndn(mep_get_plugin_sdn()));
+ slapi_search_internal_set_pb(search_pb,
+ slapi_sdn_get_ndn(mep_get_plugin_sdn()),
LDAP_SCOPE_SUBTREE, "objectclass=*",
NULL, 0, NULL, NULL, mep_get_plugin_id(), 0);
}
@@ -769,24 +771,17 @@ mep_delete_config()
/*
* Helper functions
*/
-static char *
-mep_get_dn(Slapi_PBlock * pb)
+static Slapi_DN *
+mep_get_sdn(Slapi_PBlock * pb)
{
- char *dn = 0;
+ Slapi_DN *sdn = 0;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
- "--> mep_get_dn\n");
-
- if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn)) {
- slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM,
- "mep_get_dn: failed to get dn of changed entry");
- goto bail;
- }
-
- bail:
+ "--> mep_get_sdn\n");
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
- "<-- mep_get_dn\n");
+ "<-- mep_get_sdn\n");
- return dn;
+ return sdn;
}
static void
@@ -807,20 +802,17 @@ mep_get_config_area()
* Checks if dn is a managed entries config entry.
*/
static int
-mep_dn_is_config(char *dn)
+mep_dn_is_config(Slapi_DN *sdn)
{
int ret = 0;
- Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
"--> mep_dn_is_config\n");
- if (dn == NULL) {
+ if (sdn == NULL) {
goto bail;
}
- sdn = slapi_sdn_new_dn_byref(dn);
-
/* If an alternate config area is configured, treat it's child
* entries as config entries. If the alternate config area is
* not configured, treat children of the top-level plug-in
@@ -838,7 +830,6 @@ mep_dn_is_config(char *dn)
}
bail:
- slapi_sdn_free(&sdn);
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
"<-- mep_dn_is_config\n");
@@ -851,7 +842,7 @@ bail:
* Checks if dn is a managed entries template.
*/
static int
-mep_dn_is_template(char *dn)
+mep_dn_is_template(const char *dn)
{
int ret = 0;
PRCList *list = NULL;
@@ -1139,7 +1130,7 @@ mep_create_managed_entry(struct configEntry *config, Slapi_Entry *origin)
/* Create the DN using the mapped RDN value
* and the base specified in the config. */
- dn = slapi_create_dn_string("%s=%s,%s", rdn_type, rdn_val, config->managed_base);
+ dn = slapi_ch_smprintf("%s=%s,%s", rdn_type, rdn_val, config->managed_base);
slapi_ch_free_string(&rdn_val);
@@ -1259,8 +1250,9 @@ mep_add_managed_entry(struct configEntry *config,
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"Adding %s pointer to \"%s\" in entry \"%s\"\n.",
MEP_MANAGED_ENTRY_TYPE, managed_dn, slapi_entry_get_dn(origin));
- slapi_modify_internal_set_pb(mod_pb, slapi_entry_get_dn(origin),
- mods, 0, 0, mep_get_plugin_id(), 0);
+ slapi_modify_internal_set_pb_ext(mod_pb,
+ slapi_entry_get_sdn(origin),
+ mods, 0, 0, mep_get_plugin_id(), 0);
slapi_modify_internal_pb(mod_pb);
slapi_pblock_get(mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
@@ -1283,8 +1275,9 @@ mep_add_managed_entry(struct configEntry *config,
* Renames a managed entry and updates the pointer in the
* origin entry.
*/
-static void mep_rename_managed_entry(Slapi_Entry *origin,
- char *new_dn, char *old_dn)
+static void
+mep_rename_managed_entry(Slapi_Entry *origin,
+ Slapi_DN *new_dn, Slapi_DN *old_dn)
{
Slapi_RDN *srdn = slapi_rdn_new();
Slapi_PBlock *mep_pb = slapi_pblock_new();
@@ -1299,10 +1292,10 @@ static void mep_rename_managed_entry(Slapi_Entry *origin,
}
/* Create new RDN */
- slapi_rdn_set_dn(srdn, new_dn);
+ slapi_rdn_set_dn(srdn, slapi_sdn_get_ndn(new_dn));
/* Rename the managed entry. */
- slapi_rename_internal_set_pb(mep_pb, old_dn,
+ slapi_rename_internal_set_pb_ext(mep_pb, old_dn,
slapi_rdn_get_rdn(srdn),
NULL, 1, NULL, NULL, mep_get_plugin_id(), 0);
slapi_modrdn_internal_pb(mep_pb);
@@ -1311,14 +1304,14 @@ static void mep_rename_managed_entry(Slapi_Entry *origin,
if (result != LDAP_SUCCESS) {
slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM,
"mep_rename_managed_entry: Unable to rename managed "
- "entry \"%s\" to \"%s\" (%s).\n", old_dn,
- new_dn, ldap_err2string(result));
+ "entry \"%s\" to \"%s\" (%s).\n", slapi_sdn_get_dn(old_dn),
+ slapi_sdn_get_dn(new_dn), ldap_err2string(result));
} else {
/* Clear out the pblock for reuse. */
slapi_pblock_init(mep_pb);
/* Update the link to the managed entry in the origin entry. */
- vals[0] = new_dn;
+ vals[0] = (char *)slapi_sdn_get_dn(new_dn);
vals[1] = 0;
mod.mod_op = LDAP_MOD_REPLACE;
mod.mod_type = MEP_MANAGED_ENTRY_TYPE;
@@ -1331,8 +1324,8 @@ static void mep_rename_managed_entry(Slapi_Entry *origin,
"mep_rename_managed_entry: Updating %s pointer to "
"\"%s\" in entry \"%s\"\n.", MEP_MANAGED_ENTRY_TYPE,
vals[0], slapi_entry_get_dn(origin));
- slapi_modify_internal_set_pb(mep_pb, slapi_entry_get_dn(origin), mods,
- 0, 0, mep_get_plugin_id(), 0);
+ slapi_modify_internal_set_pb_ext(mep_pb, slapi_entry_get_sdn(origin),
+ mods, 0, 0, mep_get_plugin_id(), 0);
slapi_modify_internal_pb(mep_pb);
slapi_pblock_get(mep_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
@@ -1742,7 +1735,7 @@ mep_is_mapped_attr(Slapi_Entry *template, char *type)
static int
mep_pre_op(Slapi_PBlock * pb, int modop)
{
- char *dn = 0;
+ Slapi_DN *sdn = NULL;
Slapi_Entry *e = 0;
Slapi_Mods *smods = 0;
LDAPMod **mods;
@@ -1762,10 +1755,10 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
/* See if we're calling ourselves. */
slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &caller_id);
- if (0 == (dn = mep_get_dn(pb)))
+ if (0 == (sdn = mep_get_sdn(pb)))
goto bail;
- if (mep_dn_is_config(dn)) {
+ if (mep_dn_is_config(sdn)) {
/* Validate config changes, but don't apply them.
* This allows us to reject invalid config changes
* here at the pre-op stage. Applying the config
@@ -1777,10 +1770,8 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
} else if (LDAP_CHANGETYPE_MODIFY == modop) {
/* Fetch the entry being modified so we can
* create the resulting entry for validation. */
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
- if (tmp_dn) {
- slapi_search_internal_get_entry(tmp_dn, 0, &e, mep_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
+ if (sdn) {
+ slapi_search_internal_get_entry(sdn, 0, &e, mep_get_plugin_id());
free_entry = 1;
}
@@ -1829,11 +1820,10 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
goto bail;
}
- mep_find_config_by_template_dn(dn, &config);
+ mep_find_config_by_template_dn(slapi_sdn_get_dn(sdn), &config);
if (config) {
Slapi_Entry *test_entry = NULL;
struct configEntry *config_copy = NULL;
- Slapi_DN *tmp_dn = NULL;
config_copy = (struct configEntry *)slapi_ch_calloc(1, sizeof(struct configEntry));
@@ -1860,12 +1850,9 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
ret = LDAP_UNWILLING_TO_PERFORM;
break;
case LDAP_CHANGETYPE_MODIFY:
- tmp_dn = slapi_sdn_new_dn_byref(dn);
-
/* Fetch the existing template entry. */
- if (tmp_dn) {
- slapi_search_internal_get_entry(tmp_dn, 0, &e, mep_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
+ if (sdn) {
+ slapi_search_internal_get_entry(sdn, 0, &e, mep_get_plugin_id());
free_entry = 1;
}
@@ -1920,7 +1907,6 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
* this plugin. */
if (((modop == LDAP_CHANGETYPE_DELETE) || (modop == LDAP_CHANGETYPE_MODDN) ||
(modop == LDAP_CHANGETYPE_MODIFY)) && (caller_id != mep_get_plugin_id())) {
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
Slapi_Entry *origin_e = NULL;
Slapi_Mod *smod = NULL;
Slapi_Mod *next_mod = NULL;
@@ -1928,14 +1914,13 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
Slapi_DN *origin_sdn = NULL;
/* Fetch the target entry. */
- if (tmp_dn) {
+ if (sdn) {
/* Free any existing entry so we don't leak it. */
if (e && free_entry) {
slapi_entry_free(e);
}
- slapi_search_internal_get_entry(tmp_dn, 0, &e, mep_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
+ slapi_search_internal_get_entry(sdn, 0, &e, mep_get_plugin_id());
free_entry = 1;
}
@@ -2070,7 +2055,7 @@ mep_mod_post_op(Slapi_PBlock *pb)
Slapi_Mods *smods = NULL;
Slapi_PBlock *mep_pb = NULL;
Slapi_Entry *e = NULL;
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
char *managed_dn = NULL;
Slapi_DN *managed_sdn = NULL;
char *mapped_dn = NULL;
@@ -2085,9 +2070,9 @@ mep_mod_post_op(Slapi_PBlock *pb)
if (!g_plugin_started)
return 0;
- if (mep_oktodo(pb) && (dn = mep_get_dn(pb))) {
+ if (mep_oktodo(pb) && (sdn = mep_get_sdn(pb))) {
/* First check if the config or a template is being modified. */
- if (mep_dn_is_config(dn) || mep_dn_is_template(dn)) {
+ if (mep_dn_is_config(sdn) || mep_dn_is_template(slapi_sdn_get_dn(sdn))) {
mep_load_config();
}
@@ -2143,7 +2128,7 @@ mep_mod_post_op(Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM,
"mep_mod_post_op: Unable to update mapped "
"attributes from origin entry \"%s\" in managed "
- "entry \"%s\" (%s).\n", dn, managed_dn,
+ "entry \"%s\" (%s).\n", slapi_sdn_get_dn(sdn), managed_dn,
ldap_err2string(result));
}
@@ -2157,7 +2142,7 @@ mep_mod_post_op(Slapi_PBlock *pb)
managed_sdn = slapi_sdn_new_dn_byref(managed_dn);
if (slapi_sdn_compare(managed_sdn, mapped_sdn) != 0) {
- mep_rename_managed_entry(e, mapped_dn, managed_dn);
+ mep_rename_managed_entry(e, mapped_sdn, managed_sdn);
}
slapi_sdn_free(&mapped_sdn);
@@ -2166,7 +2151,7 @@ mep_mod_post_op(Slapi_PBlock *pb)
} else {
slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM,
"mep_mod_post_op: Unable to find config for origin "
- "entry \"%s\".\n", dn);
+ "entry \"%s\".\n", slapi_sdn_get_dn(sdn));
}
slapi_ch_free_string(&managed_dn);
@@ -2187,7 +2172,7 @@ static int
mep_add_post_op(Slapi_PBlock *pb)
{
Slapi_Entry *e = NULL;
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
struct configEntry *config = NULL;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
@@ -2198,8 +2183,8 @@ mep_add_post_op(Slapi_PBlock *pb)
return 0;
/* Reload config if a config entry was added. */
- if ((dn = mep_get_dn(pb))) {
- if (mep_dn_is_config(dn)) {
+ if ((sdn = mep_get_sdn(pb))) {
+ if (mep_dn_is_config(sdn)) {
mep_load_config();
}
} else {
@@ -2241,7 +2226,7 @@ mep_add_post_op(Slapi_PBlock *pb)
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_add_post_op: Error "
- "retrieving post-op entry %s\n", dn);
+ "retrieving post-op entry %s\n", slapi_sdn_get_dn(sdn));
}
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
@@ -2253,8 +2238,8 @@ mep_add_post_op(Slapi_PBlock *pb)
static int
mep_del_post_op(Slapi_PBlock *pb)
{
- char *dn = NULL;
Slapi_Entry *e = NULL;
+ Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
"--> mep_del_post_op\n");
@@ -2265,8 +2250,8 @@ mep_del_post_op(Slapi_PBlock *pb)
}
/* Reload config if a config entry was deleted. */
- if ((dn = mep_get_dn(pb))) {
- if (mep_dn_is_config(dn))
+ if ((sdn = mep_get_sdn(pb))) {
+ if (mep_dn_is_config(sdn))
mep_load_config();
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
@@ -2299,7 +2284,7 @@ mep_del_post_op(Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_del_post_op: Deleting managed entry "
"\"%s\" due to deletion of origin entry "
- "\"%s\".\n ", managed_dn, dn);
+ "\"%s\".\n ", managed_dn, slapi_sdn_get_dn(sdn));
slapi_delete_internal_set_pb(mep_pb, managed_dn, NULL,
NULL, mep_get_plugin_id(), 0);
slapi_delete_internal_pb(mep_pb);
@@ -2310,7 +2295,7 @@ mep_del_post_op(Slapi_PBlock *pb)
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_del_post_op: Error "
- "retrieving pre-op entry %s\n", dn);
+ "retrieving pre-op entry %s\n", slapi_sdn_get_dn(sdn));
}
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
@@ -2322,8 +2307,9 @@ mep_del_post_op(Slapi_PBlock *pb)
static int
mep_modrdn_post_op(Slapi_PBlock *pb)
{
- char *old_dn = NULL;
- char *new_dn = NULL;
+ const char *new_dn = NULL;
+ Slapi_DN *old_sdn = NULL;
+ Slapi_DN *new_sdn = NULL;
Slapi_Entry *post_e = NULL;
char *managed_dn = NULL;
struct configEntry *config = NULL;
@@ -2340,7 +2326,8 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
* config entries. */
slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &post_e);
if (post_e) {
- new_dn = slapi_entry_get_ndn(post_e);
+ new_sdn = slapi_entry_get_sdn(post_e);
+ new_dn = slapi_sdn_get_dn(new_sdn);
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_modrdn_post_op: Error "
@@ -2348,8 +2335,8 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
return 0;
}
- if ((old_dn = mep_get_dn(pb))) {
- if (mep_dn_is_config(old_dn) || mep_dn_is_config(new_dn))
+ if ((old_sdn = mep_get_sdn(pb))) {
+ if (mep_dn_is_config(old_sdn) || mep_dn_is_config(new_sdn))
mep_load_config();
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
@@ -2398,7 +2385,7 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_modrdn_post_op: Removing managed entry \"%s\" "
"since origin entry \"%s\" was moved out of scope.\n",
- managed_dn, old_dn);
+ managed_dn, slapi_sdn_get_dn(old_sdn));
slapi_delete_internal_set_pb (mep_pb, managed_dn, NULL, NULL,
mep_get_plugin_id(), 0);
slapi_delete_internal_pb(mep_pb);
@@ -2428,8 +2415,8 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
"mep_modrdn_post_op: Removing %s pointer and %s "
"objectclass from entry \"%s\".\n",
MEP_MANAGED_ENTRY_TYPE, MEP_ORIGIN_OC, new_dn);
- slapi_modify_internal_set_pb(mep_pb, new_dn, mods, 0, 0,
- mep_get_plugin_id(), 0);
+ slapi_modify_internal_set_pb_ext(mep_pb, new_sdn, mods, 0, 0,
+ mep_get_plugin_id(), 0);
slapi_modify_internal_pb(mep_pb);
slapi_pblock_get(mep_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
@@ -2442,7 +2429,7 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
}
} else {
/* Update backlink to new origin DN in managed entry. */
- vals[0] = new_dn;
+ vals[0] = (char *)new_dn;
vals[1] = 0;
mod.mod_op = LDAP_MOD_REPLACE;
mod.mod_type = MEP_MANAGED_BY_TYPE;
@@ -2498,8 +2485,11 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
"mep_modrdn_post_op: Renaming managed entry "
"\"%s\" to \"%s\" due to rename of origin "
"entry \"%s\".\n ", managed_dn,
- slapi_entry_get_dn(new_managed_entry), old_dn);
- mep_rename_managed_entry(post_e, slapi_entry_get_dn(new_managed_entry), managed_dn);
+ slapi_entry_get_dn(new_managed_entry),
+ slapi_sdn_get_dn(old_sdn));
+ mep_rename_managed_entry(post_e,
+ slapi_entry_get_sdn(new_managed_entry),
+ managed_sdn);
}
/* Update all of the mapped attributes
@@ -2513,7 +2503,8 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_modrdn_post_op: Updating mapped attributes "
"in entry \"%s\"\n.", managed_dn);
- slapi_modify_internal_set_pb(mep_pb, slapi_entry_get_dn(new_managed_entry),
+ slapi_modify_internal_set_pb_ext(mep_pb,
+ slapi_entry_get_sdn(new_managed_entry),
slapi_mods_get_ldapmods_byref(smods), 0, 0,
mep_get_plugin_id(), 0);
slapi_modify_internal_pb(mep_pb);
diff --git a/ldap/servers/plugins/pam_passthru/pam_passthru.h b/ldap/servers/plugins/pam_passthru/pam_passthru.h
index 6a9d332..748c2f1 100644
--- a/ldap/servers/plugins/pam_passthru/pam_passthru.h
+++ b/ldap/servers/plugins/pam_passthru/pam_passthru.h
@@ -129,7 +129,7 @@ void * pam_passthruauth_get_plugin_identity();
*/
int pam_passthru_config( Slapi_Entry *config_e );
Pam_PassthruConfig *pam_passthru_get_config( void );
-int pam_passthru_check_suffix(Pam_PassthruConfig *cfg, char *binddn);
+int pam_passthru_check_suffix(Pam_PassthruConfig *cfg, const char *binddn);
/*
* pam_ptimpl.c
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptconfig.c b/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
index beff65d..bde2ef6 100644
--- a/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
+++ b/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
@@ -538,7 +538,7 @@ pam_passthru_apply_config (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Ent
}
int
-pam_passthru_check_suffix(Pam_PassthruConfig *cfg, char *binddn)
+pam_passthru_check_suffix(Pam_PassthruConfig *cfg, const char *binddn)
{
Slapi_DN *comp_dn;
Pam_PassthruSuffix *try;
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptimpl.c b/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
index 662239f..2aedec7 100644
--- a/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
+++ b/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
@@ -91,7 +91,7 @@ struct my_pam_conv_str {
* Get the PAM identity from the value of the leftmost RDN in the BIND DN.
*/
static char *
-derive_from_bind_dn(Slapi_PBlock *pb, char *binddn, MyStrBuf *pam_id)
+derive_from_bind_dn(Slapi_PBlock *pb, const char *binddn, MyStrBuf *pam_id)
{
Slapi_RDN *rdn;
char *type = NULL;
@@ -106,7 +106,8 @@ derive_from_bind_dn(Slapi_PBlock *pb, char *binddn, MyStrBuf *pam_id)
}
static char *
-derive_from_bind_entry(Slapi_PBlock *pb, char *binddn, MyStrBuf *pam_id, char *map_ident_attr, int *locked)
+derive_from_bind_entry(Slapi_PBlock *pb, const char *binddn,
+ MyStrBuf *pam_id, char *map_ident_attr, int *locked)
{
char buf[BUFSIZ];
Slapi_Entry *entry = NULL;
@@ -264,7 +265,8 @@ do_one_pam_auth(
)
{
MyStrBuf pam_id;
- char *binddn = NULL;
+ const char *binddn = NULL;
+ Slapi_DN *bindsdn = NULL;
int rc;
int retcode = LDAP_SUCCESS;
pam_handle_t *pam_handle;
@@ -274,7 +276,13 @@ do_one_pam_auth(
char *errmsg = NULL; /* free with PR_smprintf_free */
int locked = 0;
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &binddn );
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &bindsdn );
+ if (NULL == bindsdn) {
+ errmsg = PR_smprintf("Null bind dn");
+ retcode = LDAP_OPERATIONS_ERROR;
+ goto done; /* skip the pam stuff */
+ }
+ binddn = slapi_sdn_get_dn(bindsdn);
if (method == PAMPT_MAP_METHOD_RDN) {
derive_from_bind_dn(pb, binddn, &pam_id);
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptpreop.c b/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
index 9e14c26..d726017 100644
--- a/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
+++ b/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
@@ -165,10 +165,12 @@ static int
pam_passthru_bindpreop( Slapi_PBlock *pb )
{
int rc, method;
- char *normbinddn, *errmsg = NULL;
+ const char *normbinddn;
+ char *errmsg = NULL;
+ Slapi_DN *bindsdn = NULL;
Pam_PassthruConfig *cfg;
struct berval *creds;
- int retcode = PAM_PASSTHRU_OP_NOT_HANDLED;
+ int retcode = PAM_PASSTHRU_OP_NOT_HANDLED;
PAM_PASSTHRU_ASSERT( pb != NULL );
@@ -179,12 +181,13 @@ pam_passthru_bindpreop( Slapi_PBlock *pb )
* retrieve parameters for bind operation
*/
if ( slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method ) != 0 ||
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &normbinddn ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &bindsdn ) != 0 ||
slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds ) != 0 ) {
slapi_log_error( SLAPI_LOG_FATAL, PAM_PASSTHRU_PLUGIN_SUBSYSTEM,
"<= not handled (unable to retrieve bind parameters)\n" );
return retcode;
}
+ normbinddn = slapi_sdn_get_dn(bindsdn);
/*
* We only handle simple bind requests that include non-NULL binddn and
diff --git a/ldap/servers/plugins/passthru/passthru.h b/ldap/servers/plugins/passthru/passthru.h
index ac19849..e0421ac 100644
--- a/ldap/servers/plugins/passthru/passthru.h
+++ b/ldap/servers/plugins/passthru/passthru.h
@@ -136,7 +136,7 @@ typedef struct passthruconfig {
* ptbind.c:
*/
int passthru_simple_bind_s( Slapi_PBlock *pb, PassThruServer *srvr, int tries,
- char *dn, struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
+ const char *dn, struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp );
@@ -149,7 +149,7 @@ PassThruConfig *passthru_get_config( void );
/*
* ptconn.c:
*/
-int passthru_dn2server( PassThruConfig *cfg, char *normdn,
+int passthru_dn2server( PassThruConfig *cfg, const char *normdn,
PassThruServer **srvrp );
int passthru_get_connection( PassThruServer *srvr, LDAP **ldp );
void passthru_release_connection( PassThruServer *srvr, LDAP *ld, int dispose );
diff --git a/ldap/servers/plugins/passthru/ptbind.c b/ldap/servers/plugins/passthru/ptbind.c
index 063ba15..efbc896 100644
--- a/ldap/servers/plugins/passthru/ptbind.c
+++ b/ldap/servers/plugins/passthru/ptbind.c
@@ -48,7 +48,7 @@
#include "passthru.h"
static int
-passthru_simple_bind_once_s( PassThruServer *srvr, char *dn,
+passthru_simple_bind_once_s( PassThruServer *srvr, const char *dn,
struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp );
@@ -68,7 +68,7 @@ passthru_simple_bind_once_s( PassThruServer *srvr, char *dn,
*/
int
passthru_simple_bind_s( Slapi_PBlock *pb, PassThruServer *srvr, int tries,
- char *dn, struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
+ const char *dn, struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp )
{
@@ -102,7 +102,7 @@ passthru_simple_bind_s( Slapi_PBlock *pb, PassThruServer *srvr, int tries,
* like passthru_simple_bind_s() but only makes one attempt.
*/
static int
-passthru_simple_bind_once_s( PassThruServer *srvr, char *dn,
+passthru_simple_bind_once_s( PassThruServer *srvr, const char *dn,
struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp )
diff --git a/ldap/servers/plugins/passthru/ptconn.c b/ldap/servers/plugins/passthru/ptconn.c
index 1001c98..a3e2bd2 100644
--- a/ldap/servers/plugins/passthru/ptconn.c
+++ b/ldap/servers/plugins/passthru/ptconn.c
@@ -50,7 +50,7 @@
/*
* function prototypes
*/
-static int dn_is_underneath_suffix( PassThruSuffix *suffix, char *normdn,
+static int dn_is_underneath_suffix( PassThruSuffix *suffix, const char *normdn,
int dnlen );
static void close_and_dispose_connection( PassThruConnection *conn );
static void check_for_stale_connections( PassThruServer *srvr );
@@ -107,7 +107,7 @@ static void check_for_stale_connections( PassThruServer *srvr );
* LDAP_NO_SUCH_OBJECT let this server handle the bind.
*/
int
-passthru_dn2server( PassThruConfig *cfg, char *normdn, PassThruServer **srvrp )
+passthru_dn2server( PassThruConfig *cfg, const char *normdn, PassThruServer **srvrp )
{
PassThruServer *ptsrvr;
PassThruSuffix *ptsuffix;
@@ -360,7 +360,7 @@ passthru_close_all_connections( PassThruConfig *cfg )
* return non-zero value if normdn falls underneath a suffix
*/
static int
-dn_is_underneath_suffix( PassThruSuffix *suffix, char *normdn, int dnlen )
+dn_is_underneath_suffix( PassThruSuffix *suffix, const char *normdn, int dnlen )
{
PASSTHRU_ASSERT( suffix != NULL );
PASSTHRU_ASSERT( normdn != NULL );
@@ -368,7 +368,7 @@ dn_is_underneath_suffix( PassThruSuffix *suffix, char *normdn, int dnlen )
return ( suffix->ptsuffix_len <= dnlen &&
slapi_UTF8CASECMP( suffix->ptsuffix_normsuffix,
- normdn + ( dnlen - suffix->ptsuffix_len )) == 0 );
+ (char *)normdn + ( dnlen - suffix->ptsuffix_len )) == 0 );
}
diff --git a/ldap/servers/plugins/passthru/ptpreop.c b/ldap/servers/plugins/passthru/ptpreop.c
index e566c64..1f73cf1 100644
--- a/ldap/servers/plugins/passthru/ptpreop.c
+++ b/ldap/servers/plugins/passthru/ptpreop.c
@@ -149,7 +149,9 @@ static int
passthru_bindpreop( Slapi_PBlock *pb )
{
int rc, method, freeresctrls=1;
- char *normbinddn, *matcheddn;
+ char *matcheddn;
+ const char *normbinddn = NULL;
+ Slapi_DN *sdn = NULL;
char *libldap_errmsg, *pr_errmsg, *errmsg;
PassThruConfig *cfg;
PassThruServer *srvr;
@@ -165,14 +167,15 @@ passthru_bindpreop( Slapi_PBlock *pb )
* retrieve parameters for bind operation
*/
if ( slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method ) != 0 ||
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &normbinddn ) != 0 ||
- slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds ) != 0 ) {
- slapi_log_error( SLAPI_LOG_FATAL, PASSTHRU_PLUGIN_SUBSYSTEM,
- "<= not handled (unable to retrieve bind parameters)\n" );
- return( PASSTHRU_OP_NOT_HANDLED );
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &sdn ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds ) != 0 ) {
+ slapi_log_error( SLAPI_LOG_FATAL, PASSTHRU_PLUGIN_SUBSYSTEM,
+ "<= not handled (unable to retrieve bind parameters)\n" );
+ return( PASSTHRU_OP_NOT_HANDLED );
}
+ normbinddn = slapi_sdn_get_dn(sdn);
if ( normbinddn == NULL ) {
- normbinddn = "";
+ normbinddn = "";
}
/*
diff --git a/ldap/servers/plugins/referint/referint.c b/ldap/servers/plugins/referint/referint.c
index 8b3ac75..57ee6df 100644
--- a/ldap/servers/plugins/referint/referint.c
+++ b/ldap/servers/plugins/referint/referint.c
@@ -77,10 +77,10 @@ int referint_postop_del( Slapi_PBlock *pb );
int referint_postop_modrdn( Slapi_PBlock *pb );
int referint_postop_start( Slapi_PBlock *pb);
int referint_postop_close( Slapi_PBlock *pb);
-int update_integrity(char **argv, char *origDN, char *newrDN, char *newsuperior, int logChanges, void *txn);
+int update_integrity(char **argv, Slapi_DN *sDN, char *newrDN, Slapi_DN *newsuperior, int logChanges, void *txn);
void referint_thread_func(void *arg);
int GetNextLine(char *dest, int size_dest, PRFileDesc *stream);
-void writeintegritylog(char *logfilename, char *dn, char *newrdn, char *newsuperior);
+void writeintegritylog(char *logfilename, Slapi_DN *sdn, char *newrdn, Slapi_DN *newsuperior);
int my_fgetc(PRFileDesc *stream);
/* global thread control stuff */
@@ -157,7 +157,7 @@ referint_postop_init( Slapi_PBlock *pb )
int
referint_postop_del( Slapi_PBlock *pb )
{
- char *dn;
+ Slapi_DN *sdn = NULL;
int rc;
int oprc;
char **argv;
@@ -168,7 +168,7 @@ referint_postop_del( Slapi_PBlock *pb )
void *txn = NULL;
if ( slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &isrepop ) != 0 ||
- slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_DELETE_TARGET_SDN, &sdn ) != 0 ||
slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0 ||
slapi_pblock_get(pb, SLAPI_TXN, &txn) != 0)
{
@@ -215,10 +215,10 @@ referint_postop_del( Slapi_PBlock *pb )
}else if(delay == 0){
/* no delay */
/* call function to update references to entry */
- rc = update_integrity(argv, dn, NULL, NULL, logChanges, txn);
+ rc = update_integrity(argv, sdn, NULL, NULL, logChanges, txn);
}else{
/* write the entry to integrity log */
- writeintegritylog(argv[1],dn, NULL, NULL);
+ writeintegritylog(argv[1], sdn, NULL, NULL);
rc = 0;
}
} else {
@@ -234,9 +234,9 @@ referint_postop_del( Slapi_PBlock *pb )
int
referint_postop_modrdn( Slapi_PBlock *pb )
{
- char *dn;
+ Slapi_DN *sdn = NULL;
char *newrdn;
- char *newsuperior;
+ Slapi_DN *newsuperior;
int oprc;
int rc;
char **argv;
@@ -247,9 +247,9 @@ referint_postop_modrdn( Slapi_PBlock *pb )
void *txn = NULL;
if ( slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &isrepop ) != 0 ||
- slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &dn ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_MODRDN_TARGET_SDN, &sdn ) != 0 ||
slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn ) != 0 ||
- slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior ) != 0 ||
slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0 ||
slapi_pblock_get(pb, SLAPI_TXN, &txn) != 0) {
@@ -299,11 +299,12 @@ referint_postop_modrdn( Slapi_PBlock *pb )
rc = 0;
}else if(delay == 0){
/* no delay */
- /* call function to update references to entry */
- rc = update_integrity(argv, dn, newrdn, newsuperior, logChanges, txn);
+ /* call function to update references to entry */
+ rc = update_integrity(argv, sdn, newrdn,
+ newsuperior, logChanges, txn);
}else{
/* write the entry to integrity log */
- writeintegritylog(argv[1],dn, newrdn, newsuperior);
+ writeintegritylog(argv[1], sdn, newrdn, newsuperior);
rc = 0;
}
@@ -331,7 +332,7 @@ int isFatalSearchError(int search_result)
}
static int
-_do_modify(Slapi_PBlock *mod_pb, const char *entryDN, LDAPMod **mods, void *txn)
+_do_modify(Slapi_PBlock *mod_pb, Slapi_DN *entrySDN, LDAPMod **mods, void *txn)
{
int rc = 0;
@@ -340,8 +341,8 @@ _do_modify(Slapi_PBlock *mod_pb, const char *entryDN, LDAPMod **mods, void *txn)
slapi_pblock_set(mod_pb, SLAPI_TXN, txn);
/* Use internal operation API */
- slapi_modify_internal_set_pb(mod_pb, entryDN, mods, NULL, NULL,
- referint_plugin_identity, 0);
+ slapi_modify_internal_set_pb_ext(mod_pb, entrySDN, mods, NULL, NULL,
+ referint_plugin_identity, 0);
slapi_modify_internal_pb(mod_pb);
slapi_pblock_get(mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
@@ -352,13 +353,12 @@ _do_modify(Slapi_PBlock *mod_pb, const char *entryDN, LDAPMod **mods, void *txn)
* update one attribute value per _do_modify
*/
static int
-_update_one_per_mod(const char *entryDN, /* DN of the searched entry */
- Slapi_Attr *attr, /* referred attribute */
+_update_one_per_mod(Slapi_DN *entrySDN, /* DN of the searched entry */
+ Slapi_Attr *attr, /* referred attribute */
char *attrName,
- char *origDN, /* original DN that was modified */
- char *norm_origDN, /* normalized original DN */
- char *newRDN, /* new RDN from modrdn */
- char *newsuperior, /* new superior from modrdn */
+ const char *origDN, /* original DN that was modified */
+ char *newRDN, /* new RDN from modrdn */
+ const char *newsuperior, /* new superior from modrdn */
Slapi_PBlock *mod_pb, void *txn)
{
LDAPMod *list_of_mods[3];
@@ -374,7 +374,7 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
if (NULL == newRDN && NULL == newsuperior) {
/* in delete mode */
/* delete old dn so set that up */
- values_del[0] = origDN;
+ values_del[0] = (char *)origDN;
values_del[1] = NULL;
attribute1.mod_type = attrName;
attribute1.mod_op = LDAP_MOD_DELETE;
@@ -382,11 +382,11 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
list_of_mods[0] = &attribute1;
/* terminate list of mods. */
list_of_mods[1] = NULL;
- rc = _do_modify(mod_pb, entryDN, list_of_mods, txn);
+ rc = _do_modify(mod_pb, entrySDN, list_of_mods, txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: deleting \"%s: %s\" failed (%d)"
- "\n", entryDN, attrName, origDN, rc);
+ "\n", slapi_sdn_get_dn(entrySDN), attrName, origDN, rc);
}
} else {
/* in modrdn mode */
@@ -400,7 +400,7 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
newRDN = dnParts[0];
}
if (newsuperior) {
- superior = (const char *)newsuperior;
+ superior = newsuperior;
} else {
/* no need to free superior */
superior = slapi_dn_find_parent(origDN);
@@ -443,7 +443,7 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
}
/* else: (rc < 0) Ignore the DN normalization error for now. */
- p = PL_strstr(sval, norm_origDN);
+ p = PL_strstr(sval, origDN);
if (p == sval) {
/* (case 1) */
values_del[0] = sval;
@@ -460,12 +460,13 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
attribute2.mod_values = values_add;
list_of_mods[1] = &attribute2;
list_of_mods[2] = NULL;
- rc = _do_modify(mod_pb, entryDN, list_of_mods, txn);
+ rc = _do_modify(mod_pb, entrySDN, list_of_mods, txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: replacing \"%s: %s\" "
"with \"%s: %s\" failed (%d)\n",
- entryDN, attrName, origDN, attrName, newDN, rc);
+ slapi_sdn_get_dn(entrySDN), attrName,
+ origDN, attrName, newDN, rc);
}
} else if (p) {
char bak;
@@ -489,12 +490,12 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
attribute2.mod_values = values_add;
list_of_mods[1] = &attribute2;
list_of_mods[2] = NULL;
- rc = _do_modify(mod_pb, entryDN, list_of_mods, txn);
+ rc = _do_modify(mod_pb, entrySDN, list_of_mods, txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: replacing \"%s: %s\" "
"with \"%s: %s\" failed (%d)\n",
- entryDN, attrName, sval, attrName, newvalue, rc);
+ slapi_sdn_get_dn(entrySDN), attrName, sval, attrName, newvalue, rc);
}
slapi_ch_free_string(&newvalue);
}
@@ -517,13 +518,12 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
* update multiple attribute values per _do_modify
*/
static int
-_update_all_per_mod(const char *entryDN, /* DN of the searched entry */
- Slapi_Attr *attr, /* referred attribute */
+_update_all_per_mod(Slapi_DN *entrySDN, /* DN of the searched entry */
+ Slapi_Attr *attr, /* referred attribute */
char *attrName,
- char *origDN, /* original DN that was modified */
- char *norm_origDN, /* normalized original DN */
- char *newRDN, /* new RDN from modrdn */
- char *newsuperior, /* new superior from modrdn */
+ const char *origDN, /* original DN that was modified */
+ char *newRDN, /* new RDN from modrdn */
+ const char *newsuperior, /* new superior from modrdn */
Slapi_PBlock *mod_pb, void *txn)
{
Slapi_Mods *smods = NULL;
@@ -543,7 +543,7 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
LDAPMod attribute1;
/* delete old dn so set that up */
- values_del[0] = origDN;
+ values_del[0] = (char *)origDN;
values_del[1] = NULL;
attribute1.mod_type = attrName;
attribute1.mod_op = LDAP_MOD_DELETE;
@@ -551,11 +551,11 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
mods[0] = &attribute1;
/* terminate list of mods. */
mods[1] = NULL;
- rc = _do_modify(mod_pb, entryDN, mods, txn);
+ rc = _do_modify(mod_pb, entrySDN, mods, txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: deleting \"%s: %s\" failed (%d)"
- "\n", entryDN, attrName, origDN, rc);
+ "\n", slapi_sdn_get_dn(entrySDN), attrName, origDN, rc);
}
} else {
/* in modrdn mode */
@@ -569,7 +569,7 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
newRDN = dnParts[0];
}
if (newsuperior) {
- superior = (const char *)newsuperior;
+ superior = newsuperior;
} else {
/* no need to free superior */
superior = slapi_dn_find_parent(origDN);
@@ -615,7 +615,7 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
}
/* else: (rc < 0) Ignore the DN normalization error for now. */
- p = PL_strstr(sval, norm_origDN);
+ p = PL_strstr(sval, origDN);
if (p == sval) {
/* (case 1) */
slapi_mods_add_string(smods, LDAP_MOD_DELETE, attrName, sval);
@@ -632,11 +632,11 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
/* else: value does not include the modified DN. Ignore it. */
slapi_ch_free_string(&sval);
}
- rc = _do_modify(mod_pb, entryDN, slapi_mods_get_ldapmods_byref(smods), txn);
+ rc = _do_modify(mod_pb, entrySDN, slapi_mods_get_ldapmods_byref(smods), txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_all_value: entry %s failed (%d)\n",
- entryDN, rc);
+ slapi_sdn_get_dn(entrySDN), rc);
}
/* cleanup memory allocated for dnParts and newDN */
@@ -652,8 +652,9 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
}
int
-update_integrity(char **argv, char *origDN,
- char *newrDN, char *newsuperior, int logChanges, void *txn)
+update_integrity(char **argv, Slapi_DN *origSDN,
+ char *newrDN, Slapi_DN *newsuperior,
+ int logChanges, void *txn)
{
Slapi_PBlock *search_result_pb = NULL;
Slapi_PBlock *mod_pb = slapi_pblock_new();
@@ -664,9 +665,9 @@ update_integrity(char **argv, char *origDN,
char *filter = NULL;
int i, j;
const char *search_base = NULL;
- char *norm_origDN = NULL;
- size_t dnlen = 0;
int rc;
+ size_t len = slapi_sdn_get_ndn_len(origSDN);
+ const char *origDN = slapi_sdn_get_dn(origSDN);
if ( argv == NULL ) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
@@ -677,16 +678,6 @@ update_integrity(char **argv, char *origDN,
/* for now, just putting attributes to keep integrity on in conf file,
until resolve the other timing mode issue */
-
- rc = slapi_dn_normalize_case_ext(origDN, 0, &norm_origDN, &dnlen);
- if (rc == 0) { /* origDN is passed in; not terminated */
- *(norm_origDN + dnlen) = '\0';
- norm_origDN = slapi_ch_strdup(norm_origDN);
- } else if (rc < 0) {
- /* Ignore the DN normalization error for now. */
- norm_origDN = slapi_ch_strdup(origDN);
- }
-
search_result_pb = slapi_pblock_new();
/* Search each namingContext in turn */
@@ -698,8 +689,8 @@ update_integrity(char **argv, char *origDN,
for(i = 3; argv[i] != NULL; i++)
{
char buf[BUFSIZ];
- size_t len = strlen(origDN);
- filter = slapi_ch_smprintf("(%s=*%s)", argv[i], escape_filter_value(origDN, len, buf));
+ filter = slapi_ch_smprintf("(%s=*%s)", argv[i],
+ escape_filter_value(origDN, len, buf));
if ( filter ) {
/* Need only the current attribute and its subtypes */
char *attrs[2];
@@ -758,18 +749,16 @@ update_integrity(char **argv, char *origDN,
*/
if (nval > 128) {
rc = _update_one_per_mod(
- slapi_entry_get_dn(search_entries[j]),
- attr, attrName,
- origDN, norm_origDN,
- newrDN, newsuperior,
- mod_pb, txn);
+ slapi_entry_get_sdn(search_entries[j]),
+ attr, attrName, origDN, newrDN,
+ slapi_sdn_get_dn(newsuperior),
+ mod_pb, txn);
} else {
rc = _update_all_per_mod(
- slapi_entry_get_dn(search_entries[j]),
- attr, attrName,
- origDN, norm_origDN,
- newrDN, newsuperior,
- mod_pb, txn);
+ slapi_entry_get_sdn(search_entries[j]),
+ attr, attrName, origDN, newrDN,
+ slapi_sdn_get_dn(newsuperior),
+ mod_pb, txn);
}
/* Should we stop if one modify returns an error? */
}
@@ -798,8 +787,6 @@ update_integrity(char **argv, char *origDN,
rc = 0;
free_and_return:
- slapi_ch_free_string(&norm_origDN);
-
/* free filter and search_results_pb */
slapi_ch_free_string(&filter);
@@ -900,7 +887,9 @@ referint_thread_func(void *arg)
int no_changes;
char delimiter[]="\t\n";
char *ptoken;
- char *tmpdn, *tmprdn, *tmpsuperior;
+ Slapi_DN *sdn = NULL;
+ char *tmprdn;
+ Slapi_DN *tmpsuperior = NULL;
int logChanges=0;
char * iter = NULL;
@@ -960,8 +949,7 @@ referint_thread_func(void *arg)
while( GetNextLine(thisline, MAX_LINE, prfd) ){
ptoken = ldap_utf8strtok_r(thisline, delimiter, &iter);
- tmpdn = slapi_ch_calloc(strlen(ptoken) + 1, sizeof(char));
- strcpy(tmpdn, ptoken);
+ sdn = slapi_sdn_new_dn_byref(ptoken);
ptoken = ldap_utf8strtok_r (NULL, delimiter, &iter);
if(!strcasecmp(ptoken, "NULL")) {
@@ -974,14 +962,15 @@ referint_thread_func(void *arg)
if (!strcasecmp(ptoken, "NULL")) {
tmpsuperior = NULL;
} else {
- tmpsuperior = slapi_ch_smprintf("%s", ptoken);
+ tmpsuperior = slapi_sdn_new_dn_byref(ptoken);
}
- update_integrity(plugin_argv, tmpdn, tmprdn, tmpsuperior, logChanges, NULL);
+ update_integrity(plugin_argv, sdn, tmprdn,
+ tmpsuperior, logChanges, NULL);
- slapi_ch_free_string(&tmpdn);
+ slapi_sdn_free(&sdn);
slapi_ch_free_string(&tmprdn);
- slapi_ch_free_string(&tmpsuperior);
+ slapi_sdn_free(&tmpsuperior);
}
PR_Close(prfd);
@@ -1094,7 +1083,8 @@ GetNextLine(char *dest, int size_dest, PRFileDesc *stream) {
}
void
-writeintegritylog(char *logfilename, char *dn, char *newrdn, char *newsuperior)
+writeintegritylog(char *logfilename, Slapi_DN *sdn,
+ char *newrdn, Slapi_DN *newsuperior)
{
PRFileDesc *prfd;
char buffer[MAX_LINE];
@@ -1123,7 +1113,7 @@ writeintegritylog(char *logfilename, char *dn, char *newrdn, char *newsuperior)
*/
/* add length of dn + 4(two tabs, a newline, and terminating \0) */
- len_to_write = strlen(dn) + 4;
+ len_to_write = slapi_sdn_get_ndn_len(sdn) + 4;
if(newrdn == NULL)
{
@@ -1139,7 +1129,7 @@ writeintegritylog(char *logfilename, char *dn, char *newrdn, char *newsuperior)
len_to_write += 4;
}else{
/* add the length of the newsuperior */
- len_to_write += strlen(newsuperior);
+ len_to_write += slapi_sdn_get_ndn_len(newsuperior);
}
if(len_to_write > MAX_LINE )
@@ -1150,9 +1140,10 @@ writeintegritylog(char *logfilename, char *dn, char *newrdn, char *newsuperior)
" to update references to this entry.\n");
}else{
PR_snprintf(buffer, MAX_LINE, "%s\t%s\t%s\t\n",
- dn,
+ slapi_sdn_get_dn(sdn),
(newrdn != NULL) ? newrdn : "NULL",
- (newsuperior != NULL) ? newsuperior : "NULL");
+ (newsuperior != NULL) ? slapi_sdn_get_dn(newsuperior) :
+ "NULL");
if (PR_Write(prfd,buffer,strlen(buffer)) < 0){
slapi_log_error(SLAPI_LOG_FATAL,REFERINT_PLUGIN_SUBSYSTEM,
" writeintegritylog: PR_Write failed : The disk"
diff --git a/ldap/servers/plugins/replication/cl4_api.c b/ldap/servers/plugins/replication/cl4_api.c
index c7d0ce0..ab72793 100644
--- a/ldap/servers/plugins/replication/cl4_api.c
+++ b/ldap/servers/plugins/replication/cl4_api.c
@@ -533,7 +533,7 @@ static int _cl4ResolveTargetDN (Slapi_Entry *entry, Slapi_DN **newTargetDN)
if (strcasecmp (changetype, "add") == 0) /* this is add operation - we have rawdn */
slapi_sdn_set_dn_byref (targetSDN, targetdn);
else
- slapi_sdn_set_ndn_byref (targetSDN, targetdn);
+ slapi_sdn_set_normdn_byref (targetSDN, targetdn);
/* read the entry to which the change was applied */
rc = _cl4GetTargetEntry (targetSDN, uniqueid, &targetEntry);
diff --git a/ldap/servers/plugins/replication/cl5_api.c b/ldap/servers/plugins/replication/cl5_api.c
index c360444..2a834d7 100644
--- a/ldap/servers/plugins/replication/cl5_api.c
+++ b/ldap/servers/plugins/replication/cl5_api.c
@@ -1060,7 +1060,7 @@ cl5ImportLDIF (const char *clDir, const char *ldifFile, Object **replicas)
"cl5ImportLDIF: "
"failed to write operation to the changelog: "
"type: %lu, dn: %s\n",
- op.operation_type, op.target_address.dn);
+ op.operation_type, REPL_GET_DN(&op.target_address));
slapi_ch_free_string(&replGen);
operation_parameters_done (&op);
goto done;
@@ -1080,7 +1080,7 @@ cl5ImportLDIF (const char *clDir, const char *ldifFile, Object **replicas)
"cl5ImportLDIF: "
"failed to write operation to the changelog: "
"type: %lu, dn: %s\n",
- op.operation_type, op.target_address.dn);
+ op.operation_type, REPL_GET_DN(&op.target_address));
object_release (replica_obj);
slapi_ch_free_string(&replGen);
operation_parameters_done (&op);
@@ -2150,7 +2150,7 @@ static int _cl5Entry2DBData (const CL5Entry *entry, char **data, PRUint32 *len)
}
break;
- case SLAPI_OPERATION_MODIFY: size += strlen (op->target_address.dn) + 1;
+ case SLAPI_OPERATION_MODIFY: size += REPL_GET_DN_LEN(&op->target_address) + 1;
/* Need larger buffer for the encrypted changelog */
if (s_cl5Desc.clcrypt_handle) {
size += (_cl5GetModsSize (op->p.p_modify.modify_mods) * (1 + BACK_CRYPT_OUTBUFF_EXTLEN));
@@ -2159,11 +2159,11 @@ static int _cl5Entry2DBData (const CL5Entry *entry, char **data, PRUint32 *len)
}
break;
- case SLAPI_OPERATION_MODRDN: size += strlen (op->target_address.dn) + 1;
+ case SLAPI_OPERATION_MODRDN: size += REPL_GET_DN_LEN(&op->target_address) + 1;
/* 1 for deleteoldrdn */
size += strlen (op->p.p_modrdn.modrdn_newrdn) + 2;
- if (op->p.p_modrdn.modrdn_newsuperior_address.dn)
- size += strlen (op->p.p_modrdn.modrdn_newsuperior_address.dn) + 1;
+ if (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address))
+ size += REPL_GET_DN_LEN(&op->p.p_modrdn.modrdn_newsuperior_address) + 1;
else
size ++; /* for NULL char */
if (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid)
@@ -2178,7 +2178,7 @@ static int _cl5Entry2DBData (const CL5Entry *entry, char **data, PRUint32 *len)
}
break;
- case SLAPI_OPERATION_DELETE: size += strlen (op->target_address.dn) + 1;
+ case SLAPI_OPERATION_DELETE: size += REPL_GET_DN_LEN(&op->target_address) + 1;
break;
}
@@ -2218,20 +2218,20 @@ static int _cl5Entry2DBData (const CL5Entry *entry, char **data, PRUint32 *len)
ldap_mods_free (add_mods, 1);
break;
- case SLAPI_OPERATION_MODIFY: _cl5WriteString (op->target_address.dn, &pos);
+ case SLAPI_OPERATION_MODIFY: _cl5WriteString (REPL_GET_DN(&op->target_address), &pos);
_cl5WriteMods (op->p.p_modify.modify_mods, &pos);
break;
- case SLAPI_OPERATION_MODRDN: _cl5WriteString (op->target_address.dn, &pos);
+ case SLAPI_OPERATION_MODRDN: _cl5WriteString (REPL_GET_DN(&op->target_address), &pos);
_cl5WriteString (op->p.p_modrdn.modrdn_newrdn, &pos);
*pos = (PRUint8)op->p.p_modrdn.modrdn_deloldrdn;
pos ++;
- _cl5WriteString (op->p.p_modrdn.modrdn_newsuperior_address.dn, &pos);
+ _cl5WriteString (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address), &pos);
_cl5WriteString (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid, &pos);
_cl5WriteMods (op->p.p_modrdn.modrdn_mods, &pos);
break;
- case SLAPI_OPERATION_DELETE: _cl5WriteString (op->target_address.dn, &pos);
+ case SLAPI_OPERATION_DELETE: _cl5WriteString (REPL_GET_DN(&op->target_address), &pos);
break;
}
@@ -2319,27 +2319,31 @@ cl5DBData2Entry (const char *data, PRUint32 len, CL5Entry *entry)
case SLAPI_OPERATION_ADD: _cl5ReadString (&op->p.p_add.parentuniqueid, &pos);
/* richm: need to free parentuniqueid */
_cl5ReadString (&rawDN, &pos);
- op->target_address.dn = rawDN;
+ op->target_address.sdn = slapi_sdn_new_dn_passin(rawDN);
/* convert mods to entry */
rc = _cl5ReadMods (&add_mods, &pos);
slapi_mods2entry (&(op->p.p_add.target_entry), rawDN, add_mods);
ldap_mods_free (add_mods, 1);
break;
- case SLAPI_OPERATION_MODIFY: _cl5ReadString (&op->target_address.dn, &pos);
+ case SLAPI_OPERATION_MODIFY: _cl5ReadString (&rawDN, &pos);
+ op->target_address.sdn = slapi_sdn_new_dn_passin(rawDN);
rc = _cl5ReadMods (&op->p.p_modify.modify_mods, &pos);
break;
- case SLAPI_OPERATION_MODRDN: _cl5ReadString (&op->target_address.dn, &pos);
+ case SLAPI_OPERATION_MODRDN: _cl5ReadString (&rawDN, &pos);
+ op->target_address.sdn = slapi_sdn_new_dn_passin(rawDN);
_cl5ReadString (&op->p.p_modrdn.modrdn_newrdn, &pos);
op->p.p_modrdn.modrdn_deloldrdn = *pos;
pos ++;
- _cl5ReadString (&op->p.p_modrdn.modrdn_newsuperior_address.dn, &pos);
+ _cl5ReadString (&rawDN, &pos);
+ op->p.p_modrdn.modrdn_newsuperior_address.sdn = slapi_sdn_new_dn_passin(rawDN);
_cl5ReadString (&op->p.p_modrdn.modrdn_newsuperior_address.uniqueid, &pos);
rc = _cl5ReadMods (&op->p.p_modrdn.modrdn_mods, &pos);
break;
- case SLAPI_OPERATION_DELETE: _cl5ReadString (&op->target_address.dn, &pos);
+ case SLAPI_OPERATION_DELETE: _cl5ReadString (&rawDN, &pos);
+ op->target_address.sdn = slapi_sdn_new_dn_passin(rawDN);
rc = CL5_SUCCESS;
break;
@@ -4210,7 +4214,7 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
"_cl5Operation2LDIF(MODIFY): mods are NULL\n");
return CL5_BAD_FORMAT;
}
- len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (op->target_address.dn));
+ len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), REPL_GET_DN_LEN(&op->target_address));
l = make_changes_string(op->p.p_modify.modify_mods, NULL);
len += LDIF_SIZE_NEEDED(strlen (T_CHANGESTR), l->ls_len);
break;
@@ -4220,15 +4224,15 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
"_cl5Operation2LDIF(MODRDN): mods are NULL\n");
return CL5_BAD_FORMAT;
}
- len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (op->target_address.dn));
+ len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), REPL_GET_DN_LEN(&op->target_address));
len += LDIF_SIZE_NEEDED(strlen (T_NEWRDNSTR),
strlen (op->p.p_modrdn.modrdn_newrdn));
strDeleteOldRDN = (op->p.p_modrdn.modrdn_deloldrdn ? "true" : "false");
len += LDIF_SIZE_NEEDED(strlen (T_DRDNFLAGSTR),
strlen (strDeleteOldRDN));
- if (op->p.p_modrdn.modrdn_newsuperior_address.dn)
+ if (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address))
len += LDIF_SIZE_NEEDED(strlen (T_NEWSUPERIORDNSTR),
- strlen (op->p.p_modrdn.modrdn_newsuperior_address.dn));
+ REPL_GET_DN_LEN(&op->p.p_modrdn.modrdn_newsuperior_address));
if (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid)
len += LDIF_SIZE_NEEDED(strlen (T_NEWSUPERIORIDSTR),
strlen (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid));
@@ -4236,12 +4240,12 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
len += LDIF_SIZE_NEEDED(strlen (T_CHANGESTR), l->ls_len);
break;
- case SLAPI_OPERATION_DELETE: if (NULL == op->target_address.dn) {
+ case SLAPI_OPERATION_DELETE: if (NULL == REPL_GET_DN(&op->target_address)) {
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
"_cl5Operation2LDIF(DELETE): target dn is NULL\n");
return CL5_BAD_FORMAT;
}
- len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (op->target_address.dn));
+ len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), REPL_GET_DN_LEN(&op->target_address));
break;
default: slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
@@ -4277,21 +4281,21 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
slapi_ch_free ((void**)&rawDN);
break;
- case SLAPI_OPERATION_MODIFY: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, op->target_address.dn,
- strlen (op->target_address.dn), 0);
+ case SLAPI_OPERATION_MODIFY: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, REPL_GET_DN(&op->target_address),
+ REPL_GET_DN_LEN(&op->target_address), 0);
slapi_ldif_put_type_and_value_with_options(&buff, T_CHANGESTR, l->ls_buf, l->ls_len, 0);
break;
- case SLAPI_OPERATION_MODRDN: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, op->target_address.dn,
- strlen (op->target_address.dn), 0);
+ case SLAPI_OPERATION_MODRDN: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, REPL_GET_DN(&op->target_address),
+ REPL_GET_DN_LEN(&op->target_address), 0);
slapi_ldif_put_type_and_value_with_options(&buff, T_NEWRDNSTR, op->p.p_modrdn.modrdn_newrdn,
strlen (op->p.p_modrdn.modrdn_newrdn), 0);
slapi_ldif_put_type_and_value_with_options(&buff, T_DRDNFLAGSTR, strDeleteOldRDN,
strlen (strDeleteOldRDN), 0);
- if (op->p.p_modrdn.modrdn_newsuperior_address.dn)
+ if (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address))
slapi_ldif_put_type_and_value_with_options(&buff, T_NEWSUPERIORDNSTR,
- op->p.p_modrdn.modrdn_newsuperior_address.dn,
- strlen (op->p.p_modrdn.modrdn_newsuperior_address.dn), 0);
+ REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address),
+ REPL_GET_DN_LEN(&op->p.p_modrdn.modrdn_newsuperior_address), 0);
if (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid)
slapi_ldif_put_type_and_value_with_options(&buff, T_NEWSUPERIORIDSTR,
op->p.p_modrdn.modrdn_newsuperior_address.uniqueid,
@@ -4299,8 +4303,8 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
slapi_ldif_put_type_and_value_with_options(&buff, T_CHANGESTR, l->ls_buf, l->ls_len, 0);
break;
- case SLAPI_OPERATION_DELETE: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, op->target_address.dn,
- strlen (op->target_address.dn), 0);
+ case SLAPI_OPERATION_DELETE: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, REPL_GET_DN(&op->target_address),
+ REPL_GET_DN_LEN(&op->target_address), 0);
break;
}
@@ -4377,10 +4381,10 @@ _cl5LDIF2Operation (char *ldifEntry, slapi_operation_parameters *op, char **repl
if (op->operation_type == SLAPI_OPERATION_ADD)
{
rawDN = slapi_ch_strdup (value.bv_val);
- op->target_address.dn = slapi_ch_strdup(rawDN);
+ op->target_address.sdn = slapi_sdn_new_dn_byval(rawDN);
}
else
- op->target_address.dn = slapi_ch_strdup (value.bv_val);
+ op->target_address.sdn = slapi_sdn_new_dn_byval(value.bv_val);
}
else if (strncasecmp (type.bv_val, T_PARENTIDSTR, type.bv_len) == 0)
{
@@ -4396,7 +4400,7 @@ _cl5LDIF2Operation (char *ldifEntry, slapi_operation_parameters *op, char **repl
}
else if (strncasecmp (type.bv_val, T_NEWSUPERIORDNSTR, type.bv_len) == 0)
{
- op->p.p_modrdn.modrdn_newsuperior_address.dn = slapi_ch_strdup (value.bv_val);
+ op->p.p_modrdn.modrdn_newsuperior_address.sdn = slapi_sdn_new_dn_byval(value.bv_val);
}
else if (strncasecmp (type.bv_val, T_NEWSUPERIORIDSTR, type.bv_len) == 0)
{
@@ -4507,7 +4511,7 @@ static int _cl5WriteOperationTxn(const char *replName, const char *replGen,
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl,
"_cl5WriteOperationTxn: failed to get db file for target dn (%s)",
- op->target_address.dn);
+ REPL_GET_DN(&op->target_address));
return CL5_OBJSET_ERROR;
}
@@ -4907,7 +4911,7 @@ static int _cl5GetOperation (Object *replica, slapi_operation_parameters *op)
case DB_NOTFOUND: slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl,
"_cl5GetOperation: operation for csn (%s) is not found in db that should contain dn (%s)\n",
- csnStr, op->target_address.dn);
+ csnStr, REPL_GET_DN(&op->target_address));
rc = CL5_NOTFOUND;
goto done;
@@ -6151,7 +6155,7 @@ static Object* _cl5GetReplica (const slapi_operation_parameters *op, const char*
PR_ASSERT (op && replGen);
- sdn = slapi_sdn_new_dn_byref(op->target_address.dn);
+ sdn = op->target_address.sdn;
replObj = replica_get_replica_from_dn (sdn);
if (replObj)
@@ -6169,8 +6173,6 @@ static Object* _cl5GetReplica (const slapi_operation_parameters *op, const char*
slapi_ch_free ((void**)&newGen);
}
-
- slapi_sdn_free (&sdn);
return replObj;
}
diff --git a/ldap/servers/plugins/replication/cl5_test.c b/ldap/servers/plugins/replication/cl5_test.c
index 91cdef2..4bb83a7 100644
--- a/ldap/servers/plugins/replication/cl5_test.c
+++ b/ldap/servers/plugins/replication/cl5_test.c
@@ -838,7 +838,7 @@ static int populateChangelogOp ()
pb = slapi_pblock_new ();
cur_time = time (NULL);
PR_snprintf (newrdn, sizeof(newrdn), "cn=renamed%s", ctime(&cur_time));
- slapi_rename_internal_set_pb (pb, dn, newrdn, NULL, 1, NULL, NULL,
+ slapi_rename_internal_set_pb_ext (pb, dn, newrdn, NULL, 1, NULL, NULL,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modrdn_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
diff --git a/ldap/servers/plugins/replication/legacy_consumer.c b/ldap/servers/plugins/replication/legacy_consumer.c
index a65c5e6..2440ce7 100644
--- a/ldap/servers/plugins/replication/legacy_consumer.c
+++ b/ldap/servers/plugins/replication/legacy_consumer.c
@@ -96,13 +96,14 @@ Slapi_RWLock *legacy_consumer_config_lock = NULL;
static PRBool
target_is_a_replica_root(Slapi_PBlock *pb, const Slapi_DN **root)
{
- char *dn;
- Slapi_DN *sdn;
- PRBool return_value;
+ Slapi_DN *sdn = NULL;
+ PRBool return_value = PR_FALSE;
Object *repl_obj;
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
- sdn = slapi_sdn_new_dn_byref(dn);
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ if (NULL == sdn) {
+ return return_value;
+ }
repl_obj = replica_get_replica_from_dn(sdn);
if (NULL != repl_obj)
{
@@ -116,7 +117,6 @@ target_is_a_replica_root(Slapi_PBlock *pb, const Slapi_DN **root)
*root = NULL;
return_value = PR_FALSE;
}
- slapi_sdn_free(&sdn);
return return_value;
}
@@ -492,7 +492,7 @@ legacy_consumer_read_config ()
int
-legacy_consumer_is_replicationdn(char *dn)
+legacy_consumer_is_replicationdn(const char *dn)
{
int return_value = 0; /* Assume not */
diff --git a/ldap/servers/plugins/replication/repl.h b/ldap/servers/plugins/replication/repl.h
index ca0fe05..433be34 100644
--- a/ldap/servers/plugins/replication/repl.h
+++ b/ldap/servers/plugins/replication/repl.h
@@ -405,7 +405,7 @@ int modrdn2reple( Slapi_Entry *e, char *newrdn, int deloldrdn, LDAPMod **ldm );
/* In legacy_consumer.c */
void process_legacy_cf(Slapi_PBlock *pb);
-int legacy_consumer_is_replicationdn(char *dn);
+int legacy_consumer_is_replicationdn(const char *dn);
int legacy_consumer_is_replicationpw(struct berval *creds);
int legacy_consumer_config_init();
diff --git a/ldap/servers/plugins/replication/repl5.h b/ldap/servers/plugins/replication/repl5.h
index 79465e4..ac2cd88 100644
--- a/ldap/servers/plugins/replication/repl5.h
+++ b/ldap/servers/plugins/replication/repl5.h
@@ -134,6 +134,9 @@
#define MAX_NUM_OF_MASTERS 64
#define REPL_SESSION_ID_SIZE 64
+#define REPL_GET_DN(addrp) slapi_sdn_get_dn((addrp)->sdn)
+#define REPL_GET_DN_LEN(addrp) slapi_sdn_get_ndn_len((addrp)->sdn)
+
/* Attribute names for replication agreement attributes */
extern const char *type_nsds5ReplicaHost;
extern const char *type_nsds5ReplicaPort;
diff --git a/ldap/servers/plugins/replication/repl5_agmt.c b/ldap/servers/plugins/replication/repl5_agmt.c
index 61aa9ba..f1f114b 100644
--- a/ldap/servers/plugins/replication/repl5_agmt.c
+++ b/ldap/servers/plugins/replication/repl5_agmt.c
@@ -1729,8 +1729,7 @@ agmt_notify_change(Repl_Agmt *agmt, Slapi_PBlock *pb)
if (NULL != pb)
{
/* Is the entry within our replicated area? */
- char *target_dn;
- Slapi_DN *target_sdn;
+ Slapi_DN *target_sdn = NULL;
int change_is_relevant = 0;
PR_ASSERT(NULL != agmt);
@@ -1741,8 +1740,11 @@ agmt_notify_change(Repl_Agmt *agmt, Slapi_PBlock *pb)
return;
}
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &target_dn);
- target_sdn = slapi_sdn_new_dn_byref(target_dn); /* XXX see if you can avoid allocating this */
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &target_sdn);
+ if (NULL == target_sdn) {
+ PR_Unlock(agmt->lock);
+ return;
+ }
if (slapi_sdn_issuffix(target_sdn, agmt->replarea))
{
@@ -1799,7 +1801,6 @@ agmt_notify_change(Repl_Agmt *agmt, Slapi_PBlock *pb)
}
}
PR_Unlock(agmt->lock);
- slapi_sdn_free(&target_sdn);
if (change_is_relevant)
{
/* Notify the protocol that a change has occurred */
@@ -1856,7 +1857,7 @@ agmt_replica_init_done (const Repl_Agmt *agmt)
mod.mod_type = (char*)type_nsds5ReplicaInitialize;
mod.mod_bvalues = NULL;
- slapi_modify_internal_set_pb(pb, slapi_sdn_get_dn (agmt->dn), mods, NULL/* controls */,
+ slapi_modify_internal_set_pb_ext(pb, agmt->dn, mods, NULL/* controls */,
NULL/* uniqueid */, repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0/* flags */);
slapi_modify_internal_pb (pb);
@@ -1949,7 +1950,7 @@ agmt_update_consumer_ruv (Repl_Agmt *ra)
mods[1] = (LDAPMod *)slapi_mod_get_ldapmod_byref(&smod_last_modified);
mods[2] = NULL;
- slapi_modify_internal_set_pb (pb, (char*)slapi_sdn_get_dn(ra->dn), mods, NULL, NULL,
+ slapi_modify_internal_set_pb_ext (pb, ra->dn, mods, NULL, NULL,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
diff --git a/ldap/servers/plugins/replication/repl5_agmtlist.c b/ldap/servers/plugins/replication/repl5_agmtlist.c
index 8cc2cc3..8a98c21 100644
--- a/ldap/servers/plugins/replication/repl5_agmtlist.c
+++ b/ldap/servers/plugins/replication/repl5_agmtlist.c
@@ -184,10 +184,10 @@ agmtlist_add_callback(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *entryAfter,
rc = add_new_agreement(e);
if (0 != rc) {
- char *dn;
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
+ Slapi_DN *sdn = NULL;
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "agmtlist_add_callback: "
- "Can't start agreement \"%s\"\n", dn);
+ "Can't start agreement \"%s\"\n", slapi_sdn_get_dn(sdn));
*returncode = LDAP_UNWILLING_TO_PERFORM;
return SLAPI_DSE_CALLBACK_ERROR;
}
@@ -200,7 +200,6 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
int *returncode, char *returntext, void *arg)
{
int i;
- char *dn;
Slapi_DN *sdn = NULL;
int start_initialize = 0, stop_initialize = 0, cancel_initialize = 0;
int update_the_schedule = 0; /* do we need to update the repl sched? */
@@ -224,13 +223,18 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
goto done;
}
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
- sdn= slapi_sdn_new_dn_byref(dn);
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ if (NULL == sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
+ "agmtlist_modify_callback: NULL target dn\n");
+ goto done;
+ }
agmt = agmtlist_get_by_agmt_name(sdn);
if (NULL == agmt)
{
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "agmtlist_modify_callback: received "
- "a modification for unknown replication agreement \"%s\"\n", dn);
+ "a modification for unknown replication agreement \"%s\"\n",
+ slapi_sdn_get_dn(sdn));
goto done;
}
@@ -277,7 +281,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
if (strcasecmp (val, "start") == 0)
{
- start_initialize = 1;
+ start_initialize = 1;
}
else if (strcasecmp (val, "stop") == 0)
{
@@ -528,8 +532,6 @@ done:
agmtlist_release_agmt(agmt);
}
- if (sdn)
- slapi_sdn_free(&sdn);
return rc;
}
diff --git a/ldap/servers/plugins/replication/repl5_inc_protocol.c b/ldap/servers/plugins/replication/repl5_inc_protocol.c
index 0e05973..274a069 100644
--- a/ldap/servers/plugins/replication/repl5_inc_protocol.c
+++ b/ldap/servers/plugins/replication/repl5_inc_protocol.c
@@ -1423,7 +1423,7 @@ replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op, int *m
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: replay_update: Sending %s operation (dn=\"%s\" csn=%s)\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn, csn_str);
+ op2string(op->operation_type), REPL_GET_DN(&op->target_address), csn_str);
/* What type of operation is it? */
switch (op->operation_type)
{
@@ -1448,7 +1448,7 @@ replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op, int *m
{
repl5_strip_fractional_mods(prp->agmt,entryattrs);
}
- return_value = conn_send_add(prp->conn, op->target_address.dn,
+ return_value = conn_send_add(prp->conn, REPL_GET_DN(&op->target_address),
entryattrs, update_control, message_id);
ldap_mods_free(entryattrs, 1);
}
@@ -1460,18 +1460,18 @@ replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op, int *m
{
repl5_strip_fractional_mods(prp->agmt,op->p.p_modify.modify_mods);
}
- return_value = conn_send_modify(prp->conn, op->target_address.dn,
+ return_value = conn_send_modify(prp->conn, REPL_GET_DN(&op->target_address),
op->p.p_modify.modify_mods, update_control, message_id);
break;
case SLAPI_OPERATION_DELETE:
- return_value = conn_send_delete(prp->conn, op->target_address.dn,
+ return_value = conn_send_delete(prp->conn, REPL_GET_DN(&op->target_address),
update_control, message_id);
break;
case SLAPI_OPERATION_MODRDN:
/* XXXggood need to pass modrdn mods in update control! */
- return_value = conn_send_rename(prp->conn, op->target_address.dn,
+ return_value = conn_send_rename(prp->conn, REPL_GET_DN(&op->target_address),
op->p.p_modrdn.modrdn_newrdn,
- op->p.p_modrdn.modrdn_newsuperior_address.dn,
+ REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address),
op->p.p_modrdn.modrdn_deloldrdn,
update_control, message_id);
break;
diff --git a/ldap/servers/plugins/replication/repl5_init.c b/ldap/servers/plugins/replication/repl5_init.c
index 883c3e6..4e2464c 100644
--- a/ldap/servers/plugins/replication/repl5_init.c
+++ b/ldap/servers/plugins/replication/repl5_init.c
@@ -338,8 +338,8 @@ multimaster_betxnpostop_init( Slapi_PBlock *pb )
slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION, (void *)&multimasterbetxnpostopdesc ) != 0 ||
slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_MODRDN_FN, (void *) multimaster_betxnpostop_modrdn ) != 0 ||
slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_DELETE_FN, (void *) multimaster_betxnpostop_delete ) != 0 ||
- slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_ADD_FN, (void *) multimaster_betxnpostop_modrdn ) != 0 ||
- slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN, (void *) multimaster_betxnpostop_delete ) != 0 )
+ slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_ADD_FN, (void *) multimaster_betxnpostop_add ) != 0 ||
+ slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN, (void *) multimaster_betxnpostop_modify ) != 0 )
{
slapi_log_error( SLAPI_LOG_PLUGIN, repl_plugin_name, "multimaster_betxnpostop_init failed\n" );
rc= -1;
diff --git a/ldap/servers/plugins/replication/repl5_mtnode_ext.c b/ldap/servers/plugins/replication/repl5_mtnode_ext.c
index 3043624..dd0d261 100644
--- a/ldap/servers/plugins/replication/repl5_mtnode_ext.c
+++ b/ldap/servers/plugins/replication/repl5_mtnode_ext.c
@@ -197,20 +197,19 @@ replica_get_replica_from_dn (const Slapi_DN *dn)
Object *replica_get_replica_for_op (Slapi_PBlock *pb)
{
- char *dn;
- Slapi_DN *sdn;
+ Slapi_DN *sdn = NULL;
Object *repl_obj = NULL;
if (pb)
{
/* get replica generation for this operation */
- slapi_pblock_get (pb, SLAPI_TARGET_DN, &dn);
- sdn = slapi_sdn_new_dn_byref(dn);
+ slapi_pblock_get (pb, SLAPI_TARGET_SDN, &sdn);
+ if (NULL == sdn) {
+ goto bail;
+ }
repl_obj = replica_get_replica_from_dn (sdn);
-
- slapi_sdn_free (&sdn);
}
-
+bail:
return repl_obj;
}
diff --git a/ldap/servers/plugins/replication/repl5_plugins.c b/ldap/servers/plugins/replication/repl5_plugins.c
index a036b0a..a0d45fb 100644
--- a/ldap/servers/plugins/replication/repl5_plugins.c
+++ b/ldap/servers/plugins/replication/repl5_plugins.c
@@ -1079,7 +1079,7 @@ write_changelog_and_ruv (Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
"write_changelog_and_ruv: can't add a change for "
"%s (uniqid: %s, optype: %lu) to changelog csn %s\n",
- op_params->target_address.dn,
+ REPL_GET_DN(&op_params->target_address),
op_params->target_address.uniqueid,
op_params->operation_type,
csn_as_string(op_params->csn, PR_FALSE, csn_str));
diff --git a/ldap/servers/plugins/replication/repl5_replica.c b/ldap/servers/plugins/replication/repl5_replica.c
index 2a24f3e..acb7d1f 100644
--- a/ldap/servers/plugins/replication/repl5_replica.c
+++ b/ldap/servers/plugins/replication/repl5_replica.c
@@ -1858,13 +1858,14 @@ static char*
_replica_get_config_dn (const Slapi_DN *root)
{
char *dn;
+ /* "cn=mapping tree,cn=config" */
const char *mp_base = slapi_get_mapping_tree_config_root ();
PR_ASSERT (root);
/* This function converts the old style DN to the new style. */
- dn = slapi_create_dn_string("%s,cn=\"%s\",%s",
- REPLICA_RDN, slapi_sdn_get_dn (root), mp_base);
+ dn = slapi_ch_smprintf("%s,cn=\"%s\",%s",
+ REPLICA_RDN, slapi_sdn_get_dn (root), mp_base);
return dn;
}
@@ -2328,9 +2329,9 @@ replica_write_ruv (Replica *r)
pb = slapi_pblock_new();
/* replica name never changes so it is ok to reference it outside the lock */
- slapi_modify_internal_set_pb(
+ slapi_modify_internal_set_pb_ext(
pb,
- slapi_sdn_get_dn(r->repl_root), /* only used to select be */
+ r->repl_root, /* only used to select be */
mods,
NULL, /* controls */
RUV_STORAGE_ENTRY_UNIQUEID,
@@ -3079,11 +3080,11 @@ replica_remove_legacy_attr (const Slapi_DN *repl_root_sdn, const char *attr)
ctrls[1] = NULL;
/* remove copiedFrom/copyingFrom first */
- slapi_modify_internal_set_pb (pb, slapi_sdn_get_dn (repl_root_sdn),
- slapi_mods_get_ldapmods_passout (&smods), ctrls,
- NULL /*uniqueid */,
- repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION) ,
- 0 /* operation_flags */);
+ slapi_modify_internal_set_pb_ext (pb, repl_root_sdn,
+ slapi_mods_get_ldapmods_passout (&smods),
+ ctrls, NULL /*uniqueid */,
+ repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION) ,
+ 0 /* operation_flags */);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
@@ -3120,7 +3121,7 @@ replica_log_ruv_elements_nolock (const Replica *r)
special target dn */
memset (&op_params, 0, sizeof (op_params));
op_params.operation_type = SLAPI_OPERATION_DELETE;
- op_params.target_address.dn = START_ITERATION_ENTRY_DN;
+ op_params.target_address.sdn = slapi_sdn_new_dn_byval(START_ITERATION_ENTRY_DN);
op_params.target_address.uniqueid = START_ITERATION_ENTRY_UNIQUEID;
op_params.csn = csn;
repl_gen = ruv_get_replica_generation (ruv);
@@ -3132,6 +3133,7 @@ replica_log_ruv_elements_nolock (const Replica *r)
rc = -1;
slapi_ch_free ((void**)&repl_gen);
+ slapi_sdn_free(&op_params.target_address.sdn);
csn_free (&csn);
}
@@ -3221,9 +3223,9 @@ replica_replace_ruv_tombstone(Replica *r)
mods [2] = NULL;
pb = slapi_pblock_new();
- slapi_modify_internal_set_pb(
+ slapi_modify_internal_set_pb_ext(
pb,
- (char*)slapi_sdn_get_dn (r->repl_root), /* only used to select be */
+ r->repl_root, /* only used to select be */
mods,
NULL, /* controls */
RUV_STORAGE_ENTRY_UNIQUEID,
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index e31078f..eb23c21 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -871,6 +871,7 @@ replica_task_done(Replica *replica)
{
int rc = LDAP_OPERATIONS_ERROR;
char *replica_dn = NULL;
+ Slapi_DN *replica_sdn = NULL;
Slapi_PBlock *pb = NULL;
LDAPMod *mods [2];
LDAPMod mod;
@@ -878,13 +879,14 @@ replica_task_done(Replica *replica)
return rc;
}
/* dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config */
- replica_dn = slapi_create_dn_string("%s,cn=\"%s\",%s",
- REPLICA_RDN,
- slapi_sdn_get_dn(replica_get_root(replica)),
- CONFIG_BASE);
+ replica_dn = slapi_ch_smprintf("%s,cn=\"%s\",%s",
+ REPLICA_RDN,
+ slapi_sdn_get_dn(replica_get_root(replica)),
+ CONFIG_BASE);
if (NULL == replica_dn) {
return rc;
}
+ replica_sdn = slapi_sdn_new_dn_passin(replica_dn);
pb = slapi_pblock_new();
mods[0] = &mod;
mods[1] = NULL;
@@ -892,7 +894,7 @@ replica_task_done(Replica *replica)
mod.mod_type = (char *)TASK_ATTR;
mod.mod_bvalues = NULL;
- slapi_modify_internal_set_pb(pb, replica_dn, mods, NULL/* controls */,
+ slapi_modify_internal_set_pb_ext(pb, replica_sdn, mods, NULL/* controls */,
NULL/* uniqueid */,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION),
0/* flags */);
@@ -908,7 +910,7 @@ replica_task_done(Replica *replica)
}
slapi_pblock_destroy (pb);
- slapi_ch_free_string(&replica_dn);
+ slapi_sdn_free(&replica_sdn);
return rc;
}
diff --git a/ldap/servers/plugins/replication/repl5_updatedn_list.c b/ldap/servers/plugins/replication/repl5_updatedn_list.c
index 8cdb8d5..e8ab027 100644
--- a/ldap/servers/plugins/replication/repl5_updatedn_list.c
+++ b/ldap/servers/plugins/replication/repl5_updatedn_list.c
@@ -208,7 +208,7 @@ static int
convert_to_string(Slapi_DN *dn, void *arg)
{
struct list_to_string_data *data = (struct list_to_string_data *)arg;
- int newlen = strlen(slapi_sdn_get_dn(dn)) + strlen(data->delimiter) + 1;
+ int newlen = slapi_sdn_get_ndn_len(dn) + strlen(data->delimiter) + 1;
if (data->string) {
newlen += strlen(data->string);
data->string = slapi_ch_realloc(data->string, newlen);
diff --git a/ldap/servers/plugins/replication/repl_bind.c b/ldap/servers/plugins/replication/repl_bind.c
index a7eb78c..dbc77a6 100644
--- a/ldap/servers/plugins/replication/repl_bind.c
+++ b/ldap/servers/plugins/replication/repl_bind.c
@@ -51,13 +51,15 @@ int
legacy_preop_bind( Slapi_PBlock *pb )
{
int return_value = 0;
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
struct berval *cred = NULL;
int method;
slapi_pblock_get(pb, SLAPI_BIND_METHOD, &method);
- slapi_pblock_get(pb, SLAPI_BIND_TARGET, &dn);
+ slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn);
slapi_pblock_get(pb, SLAPI_BIND_CREDENTIALS, &cred);
+ dn = slapi_sdn_get_dn(sdn);
if (LDAP_AUTH_SIMPLE == method)
{
diff --git a/ldap/servers/plugins/replication/repl_compare.c b/ldap/servers/plugins/replication/repl_compare.c
index acb0d69..3e1878d 100644
--- a/ldap/servers/plugins/replication/repl_compare.c
+++ b/ldap/servers/plugins/replication/repl_compare.c
@@ -48,16 +48,20 @@ int
legacy_preop_compare( Slapi_PBlock *pb )
{
int is_replicated_operation = 0;
- char *compare_base = NULL;
struct berval **referral = NULL;
int return_code = 0;
- Slapi_DN *basesdn;
+ Slapi_DN *basesdn = NULL;
slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation);
- slapi_pblock_get(pb, SLAPI_COMPARE_TARGET, &compare_base);
- basesdn= slapi_sdn_new_dn_byref(compare_base);
- referral = get_data_source(pb, basesdn, 1, NULL);
- slapi_sdn_free(&basesdn);
+ slapi_pblock_get(pb, SLAPI_COMPARE_TARGET_SDN, &basesdn);
+ if (NULL == basesdn) {
+ slapi_send_ldap_result(pb, LDAP_OPERATIONS_ERROR, NULL,
+ "Null target DN", 0, NULL );
+
+ return_code = 1; /* return 1 to prevent further search processing */
+ goto bail;
+ }
+ referral = get_data_source(pb, basesdn, 1, NULL);
if (NULL != referral && !is_replicated_operation)
{
/*
@@ -68,5 +72,6 @@ legacy_preop_compare( Slapi_PBlock *pb )
return_code = 1; /* return 1 to prevent further search processing */
}
slapi_ch_free((void**)&referral);
+bail:
return return_code;
}
diff --git a/ldap/servers/plugins/replication/repl_connext.c b/ldap/servers/plugins/replication/repl_connext.c
index 0b46c5e..2969b15 100644
--- a/ldap/servers/plugins/replication/repl_connext.c
+++ b/ldap/servers/plugins/replication/repl_connext.c
@@ -97,7 +97,7 @@ void consumer_connection_extension_destructor (void *ext, void *object, void *pa
if (NULL != repl_root_sdn)
{
slapi_pblock_set(pb, SLAPI_CONNECTION, connext->connection);
- slapi_pblock_set(pb, SLAPI_TARGET_DN, (void*)slapi_sdn_get_dn(repl_root_sdn));
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, (void*)repl_root_sdn);
slapi_pblock_get(pb, SLAPI_CONN_ID, &connid);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"Aborting total update in progress for replicated "
diff --git a/ldap/servers/plugins/replication/repl_extop.c b/ldap/servers/plugins/replication/repl_extop.c
index ffbf2a9..2ff3627 100644
--- a/ldap/servers/plugins/replication/repl_extop.c
+++ b/ldap/servers/plugins/replication/repl_extop.c
@@ -947,7 +947,7 @@ multimaster_extop_StartNSDS50ReplicationRequest(Slapi_PBlock *pb)
* But what do we do if mapping tree could not be updated ? */
/* start the bulk import */
- slapi_pblock_set (pb, SLAPI_TARGET_DN, repl_root);
+ slapi_pblock_set (pb, SLAPI_TARGET_SDN, repl_root_sdn);
rc = slapi_start_bulk_import (pb);
if (rc != LDAP_SUCCESS)
{
@@ -1090,10 +1090,8 @@ send_response:
slapi_ch_free((void **)&replicacsnstr);
/* repl_root_sdn */
- if (NULL != repl_root_sdn)
- {
- slapi_sdn_free(&repl_root_sdn);
- }
+ slapi_sdn_free(&repl_root_sdn);
+
if (NSDS50_REPL_REPLICA_READY != response)
{
/*
@@ -1163,6 +1161,7 @@ multimaster_extop_EndNSDS50ReplicationRequest(Slapi_PBlock *pb)
{
int return_value = SLAPI_PLUGIN_EXTENDED_NOT_HANDLED;
char *repl_root = NULL;
+ Slapi_DN *repl_root_sdn = NULL;
BerElement *resp_bere = NULL;
struct berval *resp_bval = NULL;
ber_int_t response;
@@ -1208,8 +1207,16 @@ multimaster_extop_EndNSDS50ReplicationRequest(Slapi_PBlock *pb)
enabled again */
replica_set_state_flag(r, REPLICA_TOTAL_IN_PROGRESS, PR_TRUE /* clear flag */);
- slapi_pblock_set (pb, SLAPI_TARGET_DN, repl_root);
- slapi_stop_bulk_import (pb);
+ /* slapi_pblock_set (pb, SLAPI_TARGET_DN, repl_root); */
+ /* Verify that repl_root names a valid replicated area */
+ if ((repl_root_sdn = slapi_sdn_new_dn_byref(repl_root)) == NULL)
+ {
+ response = NSDS50_REPL_INTERNAL_ERROR;
+ goto send_response;
+ }
+ slapi_pblock_set (pb, SLAPI_TARGET_SDN, repl_root_sdn);
+
+ slapi_stop_bulk_import (pb);
/* ONREPL - this is a bit of a hack. Once bulk import is finished,
the replication function that responds to backend state change
@@ -1273,7 +1280,7 @@ multimaster_extop_EndNSDS50ReplicationRequest(Slapi_PBlock *pb)
goto free_and_return;
}
}
-
+send_response:
/* Send the response code */
if ((resp_bere = der_alloc()) == NULL)
{
@@ -1291,6 +1298,8 @@ free_and_return:
/* repl_root */
slapi_ch_free((void **)&repl_root);
+ slapi_sdn_free(&repl_root_sdn);
+
/* BerElement */
if (NULL != resp_bere)
{
diff --git a/ldap/servers/plugins/replication/replutil.c b/ldap/servers/plugins/replication/replutil.c
index b828a2a..3eec20a 100644
--- a/ldap/servers/plugins/replication/replutil.c
+++ b/ldap/servers/plugins/replication/replutil.c
@@ -523,7 +523,7 @@ IsValidOperation (const slapi_operation_parameters *op)
return PR_FALSE;
}
- if (op->target_address.dn == NULL)
+ if (op->target_address.sdn == NULL)
{
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
"IsValidOperation: NULL entry DN\n");
@@ -1007,7 +1007,7 @@ repl_enable_chain_on_update(Slapi_DN *suffix)
slapi_mods smods;
int operation_result;
Slapi_PBlock *pb= slapi_pblock_new();
- char *mtnnodedn;
+ Slapi_DN *mtnnodesdn;
slapi_mods_init(&smods,2);
@@ -1016,10 +1016,10 @@ repl_enable_chain_on_update(Slapi_DN *suffix)
slapi_mods_add_string(&smods, LDAP_MOD_ADD, "nsslapd-distribution-funct", "repl_chain_on_update");
/* need DN of mapping tree node here */
- mtnnodedn = slapi_get_mapping_tree_node_configdn(suffix);
- slapi_modify_internal_set_pb(
+ mtnnodesdn = slapi_get_mapping_tree_node_configsdn(suffix);
+ slapi_modify_internal_set_pb_ext(
pb,
- mtnnodedn,
+ mtnnodesdn,
slapi_mods_get_ldapmods_byref(&smods), /* JCM cast */
NULL, /*Controls*/
NULL, /*uniqueid*/
@@ -1028,7 +1028,7 @@ repl_enable_chain_on_update(Slapi_DN *suffix)
slapi_modify_internal_pb(pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &operation_result);
- slapi_ch_free_string(&mtnnodedn);
+ slapi_sdn_free(&mtnnodesdn);
slapi_pblock_destroy(pb);
switch(operation_result)
{
@@ -1051,7 +1051,7 @@ repl_disable_chain_on_update(Slapi_DN *suffix)
slapi_mods smods;
int operation_result;
Slapi_PBlock *pb= slapi_pblock_new();
- char *mtnnodedn;
+ Slapi_DN *mtnnodesdn;
slapi_mods_init(&smods,2);
@@ -1059,10 +1059,10 @@ repl_disable_chain_on_update(Slapi_DN *suffix)
slapi_mods_add_modbvps(&smods, LDAP_MOD_DELETE, "nsslapd-distribution-funct", NULL);
/* need DN of mapping tree node here */
- mtnnodedn = slapi_get_mapping_tree_node_configdn(suffix);
- slapi_modify_internal_set_pb(
+ mtnnodesdn = slapi_get_mapping_tree_node_configsdn(suffix);
+ slapi_modify_internal_set_pb_ext(
pb,
- mtnnodedn,
+ mtnnodesdn,
slapi_mods_get_ldapmods_byref(&smods), /* JCM cast */
NULL, /*Controls*/
NULL, /*uniqueid*/
@@ -1071,7 +1071,7 @@ repl_disable_chain_on_update(Slapi_DN *suffix)
slapi_modify_internal_pb(pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &operation_result);
- slapi_ch_free_string(&mtnnodedn);
+ slapi_sdn_free(&mtnnodesdn);
slapi_pblock_destroy(pb);
switch(operation_result)
{
diff --git a/ldap/servers/plugins/replication/urp.c b/ldap/servers/plugins/replication/urp.c
index 9410423..1328996 100644
--- a/ldap/servers/plugins/replication/urp.c
+++ b/ldap/servers/plugins/replication/urp.c
@@ -55,11 +55,10 @@ extern int slapi_log_urp;
static int urp_add_resolve_parententry (Slapi_PBlock *pb, char *sessionid, Slapi_Entry *entry, Slapi_Entry *parententry, CSN *opcsn);
static int urp_annotate_dn (char *sessionid, Slapi_Entry *entry, CSN *opcsn, const char *optype);
static int urp_naming_conflict_removal (Slapi_PBlock *pb, char *sessionid, CSN *opcsn, const char *optype);
-static int mod_namingconflict_attr (const char *uniqueid, const char*entrydn, const char *conflictdn, CSN *opcsn);
+static int mod_namingconflict_attr (const char *uniqueid, const Slapi_DN *entrysdn, const Slapi_DN *conflictsdn, CSN *opcsn);
static int del_replconflict_attr (Slapi_Entry *entry, CSN *opcsn, int opflags);
static char *get_dn_plus_uniqueid(char *sessionid,const char *olddn,const char *uniqueid);
static char *get_rdn_plus_uniqueid(char *sessionid,const char *olddn,const char *uniqueid);
-static void set_pblock_dn (Slapi_PBlock* pb,int pblock_parameter,char *newdn);
static int is_suffix_entry (Slapi_PBlock *pb, Slapi_Entry *entry, Slapi_DN **parenddn);
/*
@@ -122,7 +121,8 @@ urp_add_operation( Slapi_PBlock *pb )
char sessionid[REPL_SESSION_ID_SIZE];
int r;
int op_result= 0;
- int rc= 0; /* OK */
+ int rc= 0; /* OK */
+ Slapi_DN *sdn = NULL;
if ( slapi_op_abandoned(pb) )
{
@@ -206,8 +206,14 @@ urp_add_operation( Slapi_PBlock *pb )
*/
slapi_value_set_string (*vals, buf);
}
- slapi_entry_set_dn (addentry,slapi_ch_strdup(newdn));
- set_pblock_dn(pb,SLAPI_ADD_TARGET,newdn); /* consumes newdn */
+ /* slapi_pblock_get(pb, SLAPI_ADD_TARGET, &dn); */
+ slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+
+ slapi_entry_set_normdn(addentry, newdn); /* dn: passin */
+
+ sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(addentry));
+ slapi_pblock_set(pb, SLAPI_ADD_TARGET_SDN, sdn);
rdn = slapi_rdn_new_sdn ( slapi_entry_get_sdn_const(addentry) );
slapi_log_error (slapi_log_urp, sessionid,
@@ -265,7 +271,6 @@ urp_modrdn_operation( Slapi_PBlock *pb )
Slapi_Entry *parent_entry;
Slapi_Entry *new_parent_entry;
Slapi_DN *newsuperior = NULL;
- char *newsuperiordn;
Slapi_DN *parentdn = NULL;
Slapi_Entry *target_entry;
Slapi_Entry *existing_entry;
@@ -273,8 +278,8 @@ urp_modrdn_operation( Slapi_PBlock *pb )
CSN *opcsn= NULL;
char *op_uniqueid = NULL;
const char *existing_uniqueid = NULL;
- const char *target_dn;
- const char *existing_dn;
+ const Slapi_DN *target_sdn;
+ const Slapi_DN *existing_sdn;
char *newrdn;
char sessionid[REPL_SESSION_ID_SIZE];
int r;
@@ -314,12 +319,12 @@ urp_modrdn_operation( Slapi_PBlock *pb )
}
/* The DN CSN is older than the Operation CSN. Apply the operation */
- target_dn = slapi_entry_get_dn_const ( target_entry);
+ target_sdn = slapi_entry_get_sdn_const (target_entry);
slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &newrdn);
slapi_pblock_get(pb, SLAPI_TARGET_UNIQUEID, &op_uniqueid);
slapi_pblock_get(pb, SLAPI_MODRDN_PARENT_ENTRY, &parent_entry);
slapi_pblock_get(pb, SLAPI_MODRDN_NEWPARENT_ENTRY, &new_parent_entry);
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperiordn);
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior);
if ( is_tombstone_entry (target_entry) )
{
@@ -366,7 +371,7 @@ urp_modrdn_operation( Slapi_PBlock *pb )
*/
existing_uniqueid = slapi_entry_get_uniqueid (existing_entry);
- existing_dn = slapi_entry_get_dn_const ( existing_entry);
+ existing_sdn = slapi_entry_get_sdn_const ( existing_entry);
/*
* Dismiss the operation if the existing entry is the same as the target one.
@@ -412,8 +417,8 @@ urp_modrdn_operation( Slapi_PBlock *pb )
Unique ID already in RDN - Change to Lost and Found entry */
goto bailout;
}
- mod_namingconflict_attr (op_uniqueid, target_dn, existing_dn, opcsn);
- set_pblock_dn (pb, SLAPI_MODRDN_NEWRDN, newrdn_with_uniqueid);
+ mod_namingconflict_attr (op_uniqueid, target_sdn, existing_sdn, opcsn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, newrdn_with_uniqueid);
slapi_log_error(slapi_log_urp, sessionid,
"Naming conflict MODRDN. Rename target entry to %s\n",
newrdn_with_uniqueid );
@@ -474,12 +479,12 @@ urp_modrdn_operation( Slapi_PBlock *pb )
/* The new superior entry doesn't exist */
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperiordn);
- if(newsuperiordn == NULL)
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior);
+ if(newsuperior == NULL)
{
/* (new_parent_entry==NULL && newsuperiordn==NULL)
* This is ok - SLAPI_MODRDN_NEWPARENT_ENTRY will
- * only be set if SLAPI_MODRDN_NEWSUPERIOR was
+ * only be set if SLAPI_MODRDN_NEWSUPERIOR_SDN was
* suplied by the client. If it wasn't, we're just
* changing the RDN of the entry. In that case,
* if the entry exists, its parent won't change
@@ -491,10 +496,9 @@ urp_modrdn_operation( Slapi_PBlock *pb )
goto bailout;
}
- newsuperior= slapi_sdn_new_dn_byval(newsuperiordn);
-
- if((0 == slapi_sdn_compare (slapi_entry_get_sdn(parent_entry), newsuperior)) ||
- is_suffix_dn (pb, newsuperior, &parentdn) )
+ if((0 == slapi_sdn_compare(slapi_entry_get_sdn(parent_entry),
+ newsuperior)) ||
+ is_suffix_dn (pb, newsuperior, &parentdn) )
{
/*
* The new superior is the same as the current one, or
@@ -521,7 +525,8 @@ urp_modrdn_operation( Slapi_PBlock *pb )
* admin intercession
*/
slapi_log_error( SLAPI_LOG_FATAL, sessionid,
- "Parent %s couldn't be found, nor recreated as a glue entry\n", newsuperiordn );
+ "Parent %s couldn't be found, nor recreated as a glue entry\n",
+ slapi_sdn_get_dn(newsuperior) );
op_result= LDAP_OPERATIONS_ERROR;
slapi_pblock_set(pb, SLAPI_RESULT_CODE, &op_result);
rc = -1;
@@ -542,8 +547,6 @@ bailout:
}
if ( parentdn )
slapi_sdn_free(&parentdn);
- if ( newsuperior )
- slapi_sdn_free(&newsuperior);
return rc;
}
@@ -761,9 +764,9 @@ urp_fixup_rename_entry (Slapi_Entry *entry, const char *newrdn, int opflags)
* Must mark this operation as replicated,
* so that the frontend doesn't add extra attributes.
*/
- slapi_rename_internal_set_pb (
+ slapi_rename_internal_set_pb_ext (
newpb,
- slapi_entry_get_dn_const (entry),
+ slapi_entry_get_sdn_const (entry),
newrdn, /*NewRDN*/
NULL, /*NewSuperior*/
0, /* !Delete Old RDNS */
@@ -815,7 +818,7 @@ urp_fixup_delete_entry (const char *uniqueid, const char *dn, CSN *opcsn, int op
}
int
-urp_fixup_modify_entry (const char *uniqueid, const char *dn, CSN *opcsn, Slapi_Mods *smods, int opflags)
+urp_fixup_modify_entry (const char *uniqueid, const Slapi_DN *sdn, CSN *opcsn, Slapi_Mods *smods, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
@@ -823,9 +826,9 @@ urp_fixup_modify_entry (const char *uniqueid, const char *dn, CSN *opcsn, Slapi_
newpb = slapi_pblock_new();
- slapi_modify_internal_set_pb (
+ slapi_modify_internal_set_pb_ext (
newpb,
- dn,
+ sdn,
slapi_mods_get_ldapmods_byref (smods),
NULL, /* Controls */
uniqueid,
@@ -852,6 +855,7 @@ urp_add_resolve_parententry (Slapi_PBlock *pb, char *sessionid, Slapi_Entry *ent
char *newdn = NULL;
int ldap_rc;
int rc = 0;
+ Slapi_DN *sdn = NULL;
if( is_suffix_entry (pb, entry, &parentdn) )
{
@@ -928,8 +932,15 @@ urp_add_resolve_parententry (Slapi_PBlock *pb, char *sessionid, Slapi_Entry *ent
*/
add_rdn = slapi_rdn_new_dn(slapi_entry_get_dn_const (entry));
newdn = slapi_dn_plus_rdn(slapi_entry_get_dn_const (parententry), slapi_rdn_get_rdn(add_rdn));
- slapi_entry_set_dn ( entry,slapi_ch_strdup(newdn));
- set_pblock_dn (pb,SLAPI_ADD_TARGET,newdn); /* consumes newdn */
+ slapi_entry_set_normdn ( entry, newdn );
+
+ /* slapi_pblock_get(pb, SLAPI_ADD_TARGET, &dn); */
+ slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+
+ sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(entry));
+ slapi_pblock_set(pb, SLAPI_ADD_TARGET_SDN, sdn);
+
slapi_log_error ( slapi_log_urp, sessionid,
"Parent was renamed. Renamed the child to %s\n", newdn );
rc= slapi_setbit_int(rc,SLAPI_RTN_BIT_FETCH_EXISTING_DN_ENTRY);
@@ -957,15 +968,17 @@ urp_annotate_dn (char *sessionid, Slapi_Entry *entry, CSN *opcsn, const char *op
int op_result;
char *newrdn;
const char *uniqueid;
+ const Slapi_DN *basesdn;
const char *basedn;
char ebuf[BUFSIZ];
uniqueid = slapi_entry_get_uniqueid (entry);
- basedn = slapi_entry_get_ndn (entry);
+ basesdn = slapi_entry_get_sdn_const (entry);
+ basedn = slapi_entry_get_dn_const (entry);
newrdn = get_rdn_plus_uniqueid ( sessionid, basedn, uniqueid );
if(newrdn!=NULL)
{
- mod_namingconflict_attr (uniqueid, basedn, basedn, opcsn);
+ mod_namingconflict_attr (uniqueid, basesdn, basesdn, opcsn);
op_result = urp_fixup_rename_entry ( entry, newrdn, 0 );
switch(op_result)
{
@@ -1094,7 +1107,7 @@ urp_get_min_naming_conflict_entry ( Slapi_PBlock *pb, char *sessionid, CSN *opcs
}
done:
- slapi_ch_free((void **)&parent_dn);
+ slapi_ch_free_string(&parent_dn);
if (filter) {
PR_smprintf_free(filter);
}
@@ -1240,15 +1253,6 @@ get_rdn_plus_uniqueid(char *sessionid, const char *olddn, const char *uniqueid)
return newrdn;
}
-static void
-set_pblock_dn (Slapi_PBlock* pb,int pblock_parameter,char *newdn)
-{
- char *olddn;
- slapi_pblock_get( pb, pblock_parameter, &olddn );
- slapi_ch_free((void**)&olddn);
- slapi_pblock_set( pb, pblock_parameter, newdn );
-}
-
static int
is_suffix_entry ( Slapi_PBlock *pb, Slapi_Entry *entry, Slapi_DN **parentdn )
{
@@ -1272,15 +1276,18 @@ is_suffix_dn ( Slapi_PBlock *pb, const Slapi_DN *dn, Slapi_DN **parentdn )
}
static int
-mod_namingconflict_attr (const char *uniqueid, const char *entrydn, const char *conflictdn, CSN *opcsn)
+mod_namingconflict_attr (const char *uniqueid, const Slapi_DN *entrysdn,
+ const Slapi_DN *conflictsdn, CSN *opcsn)
{
Slapi_Mods smods;
char buf[BUFSIZ];
int op_result;
- PR_snprintf (buf, sizeof(buf), "%s %s", REASON_ANNOTATE_DN, conflictdn);
+ PR_snprintf (buf, sizeof(buf), "%s %s",
+ REASON_ANNOTATE_DN, slapi_sdn_get_dn(conflictsdn));
slapi_mods_init (&smods, 2);
- if ( strncmp (entrydn, SLAPI_ATTR_UNIQUEID, strlen(SLAPI_ATTR_UNIQUEID)) != 0 )
+ if ( strncmp (slapi_sdn_get_dn(entrysdn), SLAPI_ATTR_UNIQUEID,
+ strlen(SLAPI_ATTR_UNIQUEID)) != 0 )
{
slapi_mods_add (&smods, LDAP_MOD_ADD, ATTR_NSDS5_REPLCONFLICT, strlen(buf), buf);
}
@@ -1293,7 +1300,7 @@ mod_namingconflict_attr (const char *uniqueid, const char *entrydn, const char *
*/
slapi_mods_add (&smods, LDAP_MOD_REPLACE, ATTR_NSDS5_REPLCONFLICT, strlen(buf), buf);
}
- op_result = urp_fixup_modify_entry (uniqueid, entrydn, opcsn, &smods, 0);
+ op_result = urp_fixup_modify_entry (uniqueid, entrysdn, opcsn, &smods, 0);
slapi_mods_done (&smods);
return op_result;
}
@@ -1308,13 +1315,13 @@ del_replconflict_attr (Slapi_Entry *entry, CSN *opcsn, int opflags)
{
Slapi_Mods smods;
const char *uniqueid;
- const char *entrydn;
+ const Slapi_DN *entrysdn;
uniqueid = slapi_entry_get_uniqueid (entry);
- entrydn = slapi_entry_get_dn_const (entry);
+ entrysdn = slapi_entry_get_sdn_const (entry);
slapi_mods_init (&smods, 2);
slapi_mods_add (&smods, LDAP_MOD_DELETE, ATTR_NSDS5_REPLCONFLICT, 0, NULL);
- op_result = urp_fixup_modify_entry (uniqueid, entrydn, opcsn, &smods, opflags);
+ op_result = urp_fixup_modify_entry (uniqueid, entrysdn, opcsn, &smods, opflags);
slapi_mods_done (&smods);
}
return op_result;
diff --git a/ldap/servers/plugins/replication/urp.h b/ldap/servers/plugins/replication/urp.h
index ff4d51a..2ca7ad2 100644
--- a/ldap/servers/plugins/replication/urp.h
+++ b/ldap/servers/plugins/replication/urp.h
@@ -60,7 +60,7 @@ int urp_post_modrdn_operation( Slapi_PBlock *pb );
int urp_fixup_add_entry (Slapi_Entry *e, const char *target_uniqueid, const char *parentuniqueid, CSN *opcsn, int opflags);
int urp_fixup_delete_entry (const char *uniqueid, const char *dn, CSN *opcsn, int opflags);
int urp_fixup_rename_entry (Slapi_Entry *entry, const char *newrdn, int opflags);
-int urp_fixup_modify_entry (const char *uniqueid, const char *dn, CSN *opcsn, Slapi_Mods *smods, int opflags);
+int urp_fixup_modify_entry (const char *uniqueid, const Slapi_DN *sdn, CSN *opcsn, Slapi_Mods *smods, int opflags);
int is_suffix_dn (Slapi_PBlock *pb, const Slapi_DN *dn, Slapi_DN **parenddn);
diff --git a/ldap/servers/plugins/replication/urp_glue.c b/ldap/servers/plugins/replication/urp_glue.c
index 15b29d4..e51712c 100644
--- a/ldap/servers/plugins/replication/urp_glue.c
+++ b/ldap/servers/plugins/replication/urp_glue.c
@@ -96,11 +96,13 @@ entry_to_glue(char *sessionid, const Slapi_Entry* entry, const char *reason, CSN
{
int op_result = 0;
const char *dn;
+ const Slapi_DN *sdn;
char ebuf[BUFSIZ];
slapi_mods smods;
Slapi_Attr *attr;
dn = slapi_entry_get_dn_const (entry);
+ sdn = slapi_entry_get_sdn_const (entry);
slapi_mods_init(&smods, 4);
/*
richm: sometimes the entry is already a glue entry (how did that happen?)
@@ -133,7 +135,7 @@ entry_to_glue(char *sessionid, const Slapi_Entry* entry, const char *reason, CSN
if (slapi_mods_get_num_mods(&smods) > 0)
{
- op_result = urp_fixup_modify_entry (NULL, dn, opcsn, &smods, 0);
+ op_result = urp_fixup_modify_entry (NULL, sdn, opcsn, &smods, 0);
if (op_result == LDAP_SUCCESS)
{
slapi_log_error (slapi_log_urp, repl_plugin_name,
diff --git a/ldap/servers/plugins/replication/urp_tombstone.c b/ldap/servers/plugins/replication/urp_tombstone.c
index e183cb1..6dd9a2a 100644
--- a/ldap/servers/plugins/replication/urp_tombstone.c
+++ b/ldap/servers/plugins/replication/urp_tombstone.c
@@ -181,7 +181,7 @@ tombstone_to_glue (
*/
addingentry = slapi_entry_dup(tombstoneentry);
addingdn = slapi_sdn_get_dn(tombstonedn);
- slapi_entry_set_dn(addingentry,slapi_ch_strdup(addingdn)); /* consumes DN */
+ slapi_entry_set_sdn(addingentry, tombstonedn);
if (!slapi_entry_attr_hasvalue(addingentry, ATTR_NSDS5_REPLCONFLICT, reason))
{
@@ -227,7 +227,9 @@ entry_to_tombstone ( Slapi_PBlock *pb, Slapi_Entry *entry )
*/
slapi_mods_add ( &smods, LDAP_MOD_DELETE, ATTR_NSDS5_REPLCONFLICT, 0, NULL );
- op_result = urp_fixup_modify_entry (uniqueid, slapi_entry_get_dn_const (entry), opcsn, &smods, 0);
+ op_result = urp_fixup_modify_entry (uniqueid,
+ slapi_entry_get_sdn_const (entry),
+ opcsn, &smods, 0);
slapi_mods_done ( &smods );
/*
diff --git a/ldap/servers/plugins/replication/windows_connection.c b/ldap/servers/plugins/replication/windows_connection.c
index 9205393..f2bda92 100644
--- a/ldap/servers/plugins/replication/windows_connection.c
+++ b/ldap/servers/plugins/replication/windows_connection.c
@@ -552,7 +552,7 @@ windows_LDAPMessage2Entry(Repl_Connection *conn, LDAPMessage * msg, int attrsonl
slapi_entry_free(e);
return NULL;
}
- slapi_entry_set_dn( rawentry, slapi_ch_strdup(slapi_entry_get_dn(e)) );
+ slapi_entry_set_sdn( rawentry, slapi_entry_get_sdn(e) );
for ( a = ldap_first_attribute( ld, msg, &ber ); a!=NULL; a=ldap_next_attribute( ld, msg, ber ) )
{
diff --git a/ldap/servers/plugins/replication/windows_private.c b/ldap/servers/plugins/replication/windows_private.c
index f36814b..6c19e4a 100644
--- a/ldap/servers/plugins/replication/windows_private.c
+++ b/ldap/servers/plugins/replication/windows_private.c
@@ -772,7 +772,6 @@ windows_private_save_dirsync_cookie(const Repl_Agmt *ra)
{
Dirsync_Private *dp = NULL;
Slapi_PBlock *pb = NULL;
- const char* dn = NULL;
Slapi_DN* sdn = NULL;
int rc = 0;
Slapi_Mods *mods = NULL;
@@ -788,12 +787,12 @@ windows_private_save_dirsync_cookie(const Repl_Agmt *ra)
pb = slapi_pblock_new ();
- mods = windows_private_get_cookie_mod(dp, LDAP_MOD_REPLACE);
- sdn = slapi_sdn_dup( agmt_get_dn_byref(ra) );
- dn = slapi_sdn_get_dn(sdn);
+ mods = windows_private_get_cookie_mod(dp, LDAP_MOD_REPLACE);
+ sdn = slapi_sdn_dup( agmt_get_dn_byref(ra) );
- slapi_modify_internal_set_pb (pb, dn, slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
- repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
+ slapi_modify_internal_set_pb_ext (pb, sdn,
+ slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
+ repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
@@ -802,8 +801,9 @@ windows_private_save_dirsync_cookie(const Repl_Agmt *ra)
{ /* try again, but as an add instead */
slapi_mods_free(&mods);
mods = windows_private_get_cookie_mod(dp, LDAP_MOD_ADD);
- slapi_modify_internal_set_pb (pb, dn, slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
- repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
+ slapi_modify_internal_set_pb_ext (pb, sdn,
+ slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
+ repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c
index 771475b..eb7fd00 100644
--- a/ldap/servers/plugins/replication/windows_protocol_util.c
+++ b/ldap/servers/plugins/replication/windows_protocol_util.c
@@ -1296,8 +1296,9 @@ process_replay_rename(Private_Repl_Protocol *prp,
remote_subtree?remote_subtree:"empty");
goto bail;
}
+ /* newparent is already normzlized; just ignore the case */
norm_newparent = slapi_ch_strdup(newparent);
- slapi_dn_normalize_case(norm_newparent);
+ slapi_dn_ignore_case(norm_newparent);
p = strstr(norm_newparent, local_subtree);
if (NULL == p) {
slapi_log_error(SLAPI_LOG_FATAL, windows_repl_plugin_name,
@@ -1389,7 +1390,7 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
LDAPDebug( LDAP_DEBUG_TRACE, "=> windows_replay_update\n", 0, 0, 0 );
- local_dn = slapi_sdn_new_dn_byref( op->target_address.dn );
+ local_dn = slapi_sdn_dup( op->target_address.sdn );
/* Since we have the target uniqueid in the op structure, let's
* fetch the local entry here using it. We do not want to search
@@ -1415,7 +1416,8 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
"%s: windows_replay_update: failed to fetch local entry "
"for %s operation dn=\"%s\"\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn);
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address));
goto error;
}
op->operation_type = SLAPI_OPERATION_DELETE;
@@ -1427,12 +1429,14 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
"%s: windows_replay_update: failed to fetch local entry for %s operation dn=\"%s\"\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn);
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address));
} else {
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: windows_replay_update: Looking at %s operation local dn=\"%s\" (%s)\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn, "ours");
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address), "ours");
}
/* Just bail on this change. We don't want to do any
* further checks since we don't have a local entry. */
@@ -1450,7 +1454,8 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: windows_replay_update: Looking at %s operation local dn=\"%s\" (%s,%s,%s)\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn, is_ours ? "ours" : "not ours",
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address), is_ours ? "ours" : "not ours",
is_user ? "user" : "not user", is_group ? "group" : "not group");
if (is_ours && (is_user || is_group) ) {
@@ -1463,14 +1468,16 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
"%s: windows_replay_update: failed map dn for %s operation dn=\"%s\""
"rc=%d remote_dn = [%s]\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn,
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address),
rc, remote_dn ? slapi_sdn_get_dn(remote_dn) : "(null)");
goto error;
}
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: windows_replay_update: Processing %s operation local dn=\"%s\" remote dn=\"%s\"\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn, slapi_sdn_get_dn(remote_dn));
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address), slapi_sdn_get_dn(remote_dn));
switch (op->operation_type) {
case SLAPI_OPERATION_ADD:
return_value = process_replay_add(prp,op->p.p_add.target_entry,local_entry,local_dn,remote_dn,is_user,missing_entry,&password);
@@ -1584,7 +1591,7 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
{
return_value = process_replay_rename(prp, local_entry, local_dn,
op->p.p_modrdn.modrdn_newrdn,
- op->p.p_modrdn.modrdn_newsuperior_address.dn,
+ REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address),
op->p.p_modrdn.modrdn_deloldrdn,
is_user, is_group);
if (CONN_OPERATION_FAILED == return_value) {
@@ -4446,6 +4453,7 @@ windows_update_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,
Slapi_PBlock *pb = NULL;
int do_modify = 0;
char *newsuperior = NULL;
+ Slapi_DN newsuperior_sdn;
const char *newrdn = NULL;
int is_user = 0, is_group = 0;
const char *newdn = NULL;
@@ -4467,8 +4475,8 @@ windows_update_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,
/* Compare the local and mapped RDNs if it is a group */
/* If they don't match, set it to newrdn. */
- if (is_group && strcmp(slapi_sdn_get_ndn(slapi_entry_get_sdn(local_entry)),
- slapi_sdn_get_ndn(mapped_sdn))) {
+ if (is_group && strcmp(slapi_entry_get_ndn(local_entry),
+ slapi_sdn_get_ndn(mapped_sdn))) {
newdn = slapi_sdn_get_dn(mapped_sdn);
slapi_rdn_set_dn(&rdn, newdn);
newrdn = slapi_rdn_get_rdn(&rdn);
@@ -4494,13 +4502,15 @@ windows_update_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,
slapi_log_error(SLAPI_LOG_REPL, windows_repl_plugin_name, "renaming entry \"%s\" - "
"(newrdn: \"%s\", newsuperior: \"%s\"\n", newdn,
newrdn ? newrdn:"NULL", newsuperior ? newsuperior:"NULL");
- slapi_rename_internal_set_pb (pb,
- slapi_sdn_get_dn(slapi_entry_get_sdn(local_entry)),
- newrdn, newsuperior, 1 /* delete old RDNS */,
+ slapi_sdn_init_dn_byref(&newsuperior_sdn, newsuperior);
+ slapi_rename_internal_set_pb_ext (pb,
+ slapi_entry_get_sdn(local_entry),
+ newrdn, &newsuperior_sdn, 1 /* delete old RDNS */,
NULL /* controls */, NULL /* uniqueid */,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modrdn_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &retval);
+ slapi_sdn_done(&newsuperior_sdn);
slapi_pblock_destroy (pb);
if (LDAP_SUCCESS != retval) {
slapi_log_error(SLAPI_LOG_FATAL, windows_repl_plugin_name,
@@ -4541,12 +4551,14 @@ windows_update_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,
if (pb)
{
char dnbuf[BUFSIZ];
- const char *dn = slapi_sdn_get_dn(slapi_entry_get_sdn_const(local_entry));
+ const char *dn = slapi_entry_get_dn_const(local_entry);
slapi_log_error(SLAPI_LOG_REPL, windows_repl_plugin_name,
"modifying entry: %s\n", escape_string(dn, dnbuf));
- slapi_modify_internal_set_pb (pb, slapi_entry_get_ndn(local_entry), slapi_mods_get_ldapmods_byref(&smods), NULL, NULL,
- repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
- slapi_modify_internal_pb (pb);
+ slapi_modify_internal_set_pb_ext (pb,
+ slapi_entry_get_sdn(local_entry),
+ slapi_mods_get_ldapmods_byref(&smods), NULL, NULL,
+ repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
+ slapi_modify_internal_pb (pb);
slapi_pblock_get (pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
if (rc)
{
@@ -4564,7 +4576,7 @@ windows_update_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,
} else
{
char dnbuf[BUFSIZ];
- const char *dn = slapi_sdn_get_dn(slapi_entry_get_sdn_const(local_entry));
+ const char *dn = slapi_entry_get_dn_const(local_entry);
slapi_log_error(SLAPI_LOG_REPL, windows_repl_plugin_name,
"no mods generated for local entry: %s\n", escape_string(dn, dnbuf));
}
diff --git a/ldap/servers/plugins/retrocl/retrocl_po.c b/ldap/servers/plugins/retrocl/retrocl_po.c
index 96be617..29ce79f 100644
--- a/ldap/servers/plugins/retrocl/retrocl_po.c
+++ b/ldap/servers/plugins/retrocl/retrocl_po.c
@@ -567,7 +567,7 @@ int retrocl_postob (Slapi_PBlock *pb,int optype)
Slapi_Operation *op = NULL;
LDAPMod **modrdn_mods = NULL;
char *newrdn = NULL;
- char *newsuperior = NULL;
+ Slapi_DN *newsuperior = NULL;
Slapi_Backend *be = NULL;
time_t curtime;
int rc;
@@ -641,7 +641,7 @@ int retrocl_postob (Slapi_PBlock *pb,int optype)
(void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
(void)slapi_pblock_get( pb, SLAPI_MODRDN_DELOLDRDN, &flag );
(void)slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &modrdn_mods );
- (void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior);
+ (void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior );
break;
}
@@ -649,9 +649,7 @@ int retrocl_postob (Slapi_PBlock *pb,int optype)
/* check if we should log change to retro changelog, and
* if so, do it here */
write_replog_db( pb, optype, dn, log_m, flag, curtime, te,
- newrdn, modrdn_mods, newsuperior );
+ newrdn, modrdn_mods, slapi_sdn_get_dn(newsuperior) );
return 0;
}
-
-
diff --git a/ldap/servers/plugins/roles/roles_cache.c b/ldap/servers/plugins/roles/roles_cache.c
index 912185d..83d3292 100644
--- a/ldap/servers/plugins/roles/roles_cache.c
+++ b/ldap/servers/plugins/roles/roles_cache.c
@@ -785,7 +785,8 @@ static int roles_cache_is_role_entry(struct slapi_entry *entry)
*/
void roles_cache_change_notify(Slapi_PBlock *pb)
{
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
struct slapi_entry *e = NULL;
struct slapi_entry *pre = NULL;
struct slapi_entry *entry = NULL;
@@ -814,10 +815,10 @@ void roles_cache_change_notify(Slapi_PBlock *pb)
return;
}
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
- if( dn == NULL )
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ if( sdn == NULL )
{
- return;
+ return;
}
slapi_pblock_get (pb, SLAPI_OPERATION, &pb_operation);
@@ -932,6 +933,7 @@ if ( e != NULL )
if ( top_suffix != NULL )
{
+ dn = slapi_sdn_get_dn(sdn);
roles_cache_trigger_update_role( slapi_ch_strdup(dn), entry,
top_suffix,
operation);
diff --git a/ldap/servers/plugins/statechange/statechange.c b/ldap/servers/plugins/statechange/statechange.c
index 3489fba..0653eed 100644
--- a/ldap/servers/plugins/statechange/statechange.c
+++ b/ldap/servers/plugins/statechange/statechange.c
@@ -232,7 +232,8 @@ static int statechange_post_op( Slapi_PBlock *pb, int modtype )
{
SCNotify *notify = head;
int execute;
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ char *ndn = NULL;
struct slapi_entry *e_before = NULL;
struct slapi_entry *e_after = NULL;
@@ -246,13 +247,13 @@ static int statechange_post_op( Slapi_PBlock *pb, int modtype )
slapi_lock_mutex(buffer_lock);
if(head)
{
- if(slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn ))
- {
- slapi_log_error( SLAPI_LOG_FATAL, SCN_PLUGIN_SUBSYSTEM, "statechange_post_op: failed to get dn of changed entry");
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ if (NULL == sdn) {
+ slapi_log_error( SLAPI_LOG_FATAL, SCN_PLUGIN_SUBSYSTEM,
+ "statechange_post_op: failed to get dn of changed entry" );
goto bail;
}
-
- slapi_dn_normalize( dn );
+ ndn = (char *)slapi_sdn_get_ndn(sdn);
slapi_pblock_get( pb, SLAPI_ENTRY_PRE_OP, &e_before );
slapi_pblock_get( pb, SLAPI_ENTRY_POST_OP, &e_after );
@@ -264,7 +265,7 @@ static int statechange_post_op( Slapi_PBlock *pb, int modtype )
/* first dn */
if(notify->dn)
{
- if(0 != slapi_dn_issuffix(dn, notify->dn))
+ if(0 != slapi_dn_issuffix(ndn, notify->dn))
execute = 1;
}
else
@@ -290,9 +291,9 @@ static int statechange_post_op( Slapi_PBlock *pb, int modtype )
if(execute)
{
if(e_after)
- (notify->func)(e_after, dn, modtype, pb, notify->caller_data);
+ (notify->func)(e_after, ndn, modtype, pb, notify->caller_data);
else
- (notify->func)(e_before, dn, modtype, pb, notify->caller_data);
+ (notify->func)(e_before, ndn, modtype, pb, notify->caller_data);
}
notify = notify->next;
diff --git a/ldap/servers/plugins/uiduniq/7bit.c b/ldap/servers/plugins/uiduniq/7bit.c
index f6120d6..3e0b921 100644
--- a/ldap/servers/plugins/uiduniq/7bit.c
+++ b/ldap/servers/plugins/uiduniq/7bit.c
@@ -233,13 +233,14 @@ preop_add(Slapi_PBlock *pb)
int argc;
char **argv;
char **attrName;
- char *dn;
+ const char *dn;
+ Slapi_DN *sdn = NULL;
Slapi_Entry *e;
Slapi_Attr *attr;
char **firstSubtree;
char **subtreeDN;
int subtreeCnt;
- int is_replicated_operation;
+ int is_replicated_operation;
/*
* Get the arguments
@@ -263,9 +264,11 @@ preop_add(Slapi_PBlock *pb)
/*
* Get the target DN for this add operation
*/
- err = slapi_pblock_get(pb, SLAPI_ADD_TARGET, &dn);
+ err = slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
if (err) { result = op_error(50); break; }
+ dn = slapi_sdn_get_dn(sdn);
+
#ifdef DEBUG
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name, "ADD target=%s\n", dn);
#endif
@@ -278,7 +281,7 @@ preop_add(Slapi_PBlock *pb)
if (err) { result = op_error(51); break; }
for ( firstSubtree = argv; strcmp(*firstSubtree, ",") != 0;
- firstSubtree++, argc--) {}
+ firstSubtree++, argc--) {}
firstSubtree++;
argc--;
@@ -304,7 +307,7 @@ preop_add(Slapi_PBlock *pb)
* the target DN is a subnode in the tree.
*/
for( subtreeDN=firstSubtree, subtreeCnt=argc ;subtreeCnt > 0;
- subtreeCnt--,subtreeDN++)
+ subtreeCnt--,subtreeDN++)
{
/*
* issuffix determines whether the target is under the
@@ -378,7 +381,8 @@ preop_modify(Slapi_PBlock *pb)
LDAPMod **mods;
LDAPMod **firstMods;
LDAPMod *mod;
- char *target;
+ const char *target;
+ Slapi_DN *target_sdn = NULL;
char **firstSubtree;
char **subtreeDN;
int subtreeCnt;
@@ -407,9 +411,10 @@ preop_modify(Slapi_PBlock *pb)
if (err) { result = op_error(10); break; }
/* Get the target DN */
- err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET, &target);
+ err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET_SDN, &target_sdn);
if (err) { result = op_error(11); break; }
+ target = slapi_sdn_get_dn(target_sdn);
/*
* Look for managed trees that include the target
* Arguments before "," are the 7-bit clean attribute names. Arguemnts
@@ -538,14 +543,14 @@ preop_modrdn(Slapi_PBlock *pb)
int argc;
char **argv;
char **attrName;
- char *target;
- char *superior;
+ Slapi_DN *target_sdn = NULL;
+ Slapi_DN *superior;
char *rdn;
Slapi_Attr *attr;
char **firstSubtree;
char **subtreeDN;
int subtreeCnt;
- int is_replicated_operation;
+ int is_replicated_operation;
/*
* Get the arguments
@@ -567,11 +572,11 @@ preop_modrdn(Slapi_PBlock *pb)
}
/* Get the DN of the entry being renamed */
- err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET, &target);
+ err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &target_sdn);
if (err) { result = op_error(22); break; }
/* Get superior value - unimplemented in 3.0 DS */
- err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &superior);
+ err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &superior);
if (err) { result = op_error(20); break; }
/*
@@ -579,7 +584,7 @@ preop_modrdn(Slapi_PBlock *pb)
* its current level in the tree. Use the target DN for
* determining which managed tree this belongs to
*/
- if (!superior) superior = target;
+ if (!superior) superior = target_sdn;
/* Get the new RDN - this has the attribute values */
err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &rdn);
@@ -649,7 +654,7 @@ preop_modrdn(Slapi_PBlock *pb)
* issuffix determines whether the target is under the
* subtree *subtreeDN
*/
- if (slapi_dn_issuffix(superior, *subtreeDN))
+ if (slapi_dn_issuffix(slapi_sdn_get_dn(superior), *subtreeDN))
{
#ifdef DEBUG
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name,
@@ -692,6 +697,7 @@ NS7bitAttr_Init(Slapi_PBlock *pb)
int argc;
char **argv;
+
/* Declare plugin version */
err = slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION,
SLAPI_PLUGIN_VERSION_01);
@@ -716,8 +722,11 @@ NS7bitAttr_Init(Slapi_PBlock *pb)
if (argc == 0) { err = -1; break; }
argv++; argc--;
- for(;argc > 0;argc--, argv++)
- slapi_dn_normalize_case(*argv);
+ for(;argc > 0;argc--, argv++) {
+ char *normdn = slapi_create_dn_string_case("%s", *argv);
+ slapi_ch_free_string(argv);
+ *argv = normdn;
+ }
/* Provide descriptive information */
err = slapi_pblock_set(pb, SLAPI_PLUGIN_DESCRIPTION,
diff --git a/ldap/servers/plugins/uiduniq/uid.c b/ldap/servers/plugins/uiduniq/uid.c
index 92eefa0..8bd5e17 100644
--- a/ldap/servers/plugins/uiduniq/uid.c
+++ b/ldap/servers/plugins/uiduniq/uid.c
@@ -340,28 +340,18 @@ search_one_berval(const char *baseDN, const char *attrName,
*/
for(;*entries;entries++)
{
- char *dn = slapi_entry_get_dn(*entries);
-
- /*
- * DNs are returned in the original value used to insert
- * the entry. This must be "normalized" for comparison.
- *
- * This normalization is done "in-place" (modifying the value
- * in the entry). This is OK, since this is the only user
- * of this copy of the entry.
- */
- slapi_dn_normalize_case(dn);
+ char *ndn = slapi_entry_get_ndn(*entries); /* get the normalized dn */
#ifdef DEBUG
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name,
- "SEARCH entry dn=%s\n", dn);
+ "SEARCH entry dn=%s\n", ndn);
#endif
/*
* It is a Constraint Violation if any entry is found, unless
* the entry is the target entry (if any).
*/
- if (!target || strcmp(dn, target) != 0)
+ if (!target || strcmp(ndn, target) != 0)
{
result = LDAP_CONSTRAINT_VIOLATION;
break;
@@ -557,7 +547,8 @@ preop_add(Slapi_PBlock *pb)
int err;
char *markerObjectClass = NULL;
char *requiredObjectClass = NULL;
- char *dn;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
int isupdatedn;
Slapi_Entry *e;
Slapi_Attr *attr;
@@ -582,7 +573,7 @@ preop_add(Slapi_PBlock *pb)
if (UNTAGGED_PARAMETER == result)
{
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name,
- "ADD parameter untagged: %s\n", attrName);
+ "ADD parameter untagged: %s\n", attrName);
result = LDAP_SUCCESS;
/* Statically defined subtrees to monitor */
err = slapi_pblock_get(pb, SLAPI_PLUGIN_ARGC, &argc);
@@ -599,9 +590,11 @@ preop_add(Slapi_PBlock *pb)
/*
* Get the target DN for this add operation
*/
- err = slapi_pblock_get(pb, SLAPI_ADD_TARGET, &dn);
+ err = slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
if (err) { result = uid_op_error(51); break; }
+ dn = slapi_sdn_get_dn(sdn);
+
#ifdef DEBUG
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name, "ADD target=%s\n", dn);
#endif
@@ -636,7 +629,7 @@ preop_add(Slapi_PBlock *pb)
if (NULL != markerObjectClass)
{
/* Subtree defined by location of marker object class */
- result = findSubtreeAndSearch(dn, attrName, attr, NULL,
+ result = findSubtreeAndSearch((char *)dn, attrName, attr, NULL,
requiredObjectClass, dn,
markerObjectClass);
} else
@@ -710,7 +703,8 @@ preop_modify(Slapi_PBlock *pb)
int modcount = 0;
int ii;
LDAPMod *mod;
- char *dn;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
int isupdatedn;
int argc;
char **argv = NULL;
@@ -763,53 +757,57 @@ preop_modify(Slapi_PBlock *pb)
/* find out how many mods meet this criteria */
for(;*mods;mods++)
{
- mod = *mods;
- if ((slapi_attr_type_cmp(mod->mod_type, attrName, 1) == 0) && /* mod contains target attr */
- (mod->mod_op & LDAP_MOD_BVALUES) && /* mod is bval encoded (not string val) */
- (mod->mod_bvalues && mod->mod_bvalues[0]) && /* mod actually contains some values */
- (SLAPI_IS_MOD_ADD(mod->mod_op) || /* mod is add */
- SLAPI_IS_MOD_REPLACE(mod->mod_op))) /* mod is replace */
- {
- addMod(&checkmods, &checkmodsCapacity, &modcount, mod);
- }
+ mod = *mods;
+ if ((slapi_attr_type_cmp(mod->mod_type, attrName, 1) == 0) && /* mod contains target attr */
+ (mod->mod_op & LDAP_MOD_BVALUES) && /* mod is bval encoded (not string val) */
+ (mod->mod_bvalues && mod->mod_bvalues[0]) && /* mod actually contains some values */
+ (SLAPI_IS_MOD_ADD(mod->mod_op) || /* mod is add */
+ SLAPI_IS_MOD_REPLACE(mod->mod_op))) /* mod is replace */
+ {
+ addMod(&checkmods, &checkmodsCapacity, &modcount, mod);
+ }
}
if (modcount == 0) {
- break; /* no mods to check, we are done */
+ break; /* no mods to check, we are done */
}
/* Get the target DN */
- err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET, &dn);
+ err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET_SDN, &sdn);
if (err) { result = uid_op_error(11); break; }
- /*
- * Check if it has the required object class
- */
- if (requiredObjectClass &&
- !(spb = dnHasObjectClass(dn, requiredObjectClass))) { break; }
+ dn = slapi_sdn_get_dn(sdn);
+ /*
+ * Check if it has the required object class
+ */
+ if (requiredObjectClass &&
+ !(spb = dnHasObjectClass(dn, requiredObjectClass))) {
+ break;
+ }
- /*
- * Passed all the requirements - this is an operation we
- * need to enforce uniqueness on. Now find all parent entries
- * with the marker object class, and do a search for each one.
- */
- /*
- * stop checking at first mod that fails the check
- */
- for (ii = 0; (result == 0) && (ii < modcount); ++ii)
- {
- mod = checkmods[ii];
- if (NULL != markerObjectClass)
- {
- /* Subtree defined by location of marker object class */
- result = findSubtreeAndSearch(dn, attrName, NULL, mod->mod_bvalues,
- requiredObjectClass, dn, markerObjectClass);
- } else
- {
- /* Subtrees listed on invocation line */
- result = searchAllSubtrees(argc, argv, attrName, NULL,
- mod->mod_bvalues, requiredObjectClass, dn);
- }
- }
+ /*
+ * Passed all the requirements - this is an operation we
+ * need to enforce uniqueness on. Now find all parent entries
+ * with the marker object class, and do a search for each one.
+ */
+ /*
+ * stop checking at first mod that fails the check
+ */
+ for (ii = 0; (result == 0) && (ii < modcount); ++ii)
+ {
+ mod = checkmods[ii];
+ if (NULL != markerObjectClass)
+ {
+ /* Subtree defined by location of marker object class */
+ result = findSubtreeAndSearch((char *)dn, attrName, NULL,
+ mod->mod_bvalues, requiredObjectClass,
+ dn, markerObjectClass);
+ } else
+ {
+ /* Subtrees listed on invocation line */
+ result = searchAllSubtrees(argc, argv, attrName, NULL,
+ mod->mod_bvalues, requiredObjectClass, dn);
+ }
+ }
END
slapi_ch_free((void **)&checkmods);
@@ -846,7 +844,6 @@ preop_modrdn(Slapi_PBlock *pb)
{
int result = LDAP_SUCCESS;
Slapi_Entry *e = NULL;
- Slapi_DN *sdn = NULL;
Slapi_Value *sv_requiredObjectClass = NULL;
char *errtext = NULL;
char *attrName = NULL;
@@ -860,8 +857,9 @@ preop_modrdn(Slapi_PBlock *pb)
int err;
char *markerObjectClass=NULL;
char *requiredObjectClass=NULL;
- char *dn;
- char *superior;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ Slapi_DN *superior;
char *rdn;
int deloldrdn = 0;
int isupdatedn;
@@ -907,14 +905,13 @@ preop_modrdn(Slapi_PBlock *pb)
}
/* Get the DN of the entry being renamed */
- err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET, &dn);
+ err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &sdn);
if (err) { result = uid_op_error(31); break; }
- /* Create a Slapi_DN to use for searching. */
- sdn = slapi_sdn_new_dn_byref(dn);
+ dn = slapi_sdn_get_dn(sdn);
/* Get superior value - unimplemented in 3.0/4.0/5.0 DS */
- err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &superior);
+ err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &superior);
if (err) { result = uid_op_error(32); break; }
/*
@@ -922,7 +919,7 @@ preop_modrdn(Slapi_PBlock *pb)
* its current level in the tree. Use the target DN for
* determining which managed tree this belongs to
*/
- if (!superior) superior = dn;
+ if (!superior) superior = sdn;
/* Get the new RDN - this has the attribute values */
err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &rdn);
@@ -949,7 +946,7 @@ preop_modrdn(Slapi_PBlock *pb)
}
/* Apply the rename operation to the dummy entry. */
- err = slapi_entry_rename(e, rdn, deloldrdn, superior);
+ err = slapi_entry_rename(e, rdn, deloldrdn, slapi_sdn_get_dn(superior));
if (err != LDAP_SUCCESS) { result = uid_op_error(36); break; }
/*
@@ -983,7 +980,6 @@ preop_modrdn(Slapi_PBlock *pb)
}
END
/* Clean-up */
- slapi_sdn_free(&sdn);
slapi_value_free(&sv_requiredObjectClass);
if (e) slapi_entry_free(e);
@@ -1048,8 +1044,11 @@ NSUniqueAttr_Init(Slapi_PBlock *pb)
if (argc < 1) { err = -1; break; }
argv++; argc--;
- for(;argc > 0;argc--, argv++)
- slapi_dn_normalize_case(*argv);
+ for(;argc > 0;argc--, argv++) {
+ char *normdn = slapi_create_dn_string_case("%s", *argv);
+ slapi_ch_free_string(argv);
+ *argv = normdn;
+ }
/* Provide descriptive information */
err = slapi_pblock_set(pb, SLAPI_PLUGIN_DESCRIPTION,
diff --git a/ldap/servers/plugins/views/views.c b/ldap/servers/plugins/views/views.c
index 6ec0246..48b6803 100644
--- a/ldap/servers/plugins/views/views.c
+++ b/ldap/servers/plugins/views/views.c
@@ -1683,6 +1683,7 @@ static int view_search_rewrite_callback(Slapi_PBlock *pb)
int scope = 0;
int set_scope = LDAP_SCOPE_SUBTREE;
viewEntry *theView = 0;
+ Slapi_DN *basesdn = NULL;
#ifdef _VIEW_DEBUG_FILTERS
char outFilter_str[1024];
@@ -1711,7 +1712,8 @@ static int view_search_rewrite_callback(Slapi_PBlock *pb)
goto end;
/* if base of the search is a view */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &basesdn);
+ base = (char *)slapi_sdn_get_dn(basesdn);
/* Read lock the cache */
views_read_lock();
@@ -1763,8 +1765,11 @@ static int view_search_rewrite_callback(Slapi_PBlock *pb)
/* rewrite search scope and base*/
slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &set_scope);
- base = slapi_ch_strdup(theView->pSearch_base);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, base);
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &basesdn);
+ slapi_sdn_free(&basesdn);
+
+ basesdn = slapi_sdn_new_dn_byval(theView->pSearch_base);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, basesdn);
/* concatenate the filters */
diff --git a/ldap/servers/slapd/add.c b/ldap/servers/slapd/add.c
index 19a7690..cc712de 100644
--- a/ldap/servers/slapd/add.c
+++ b/ldap/servers/slapd/add.c
@@ -116,8 +116,7 @@ do_add( Slapi_PBlock *pb )
/* get the name */
{
char *rawdn = NULL;
- char *dn = NULL;
- size_t dnlen = 0;
+ Slapi_DN mysdn;
if ( ber_scanf( ber, "{a", &rawdn ) == LBER_ERROR ) {
slapi_ch_free_string(&rawdn);
LDAPDebug( LDAP_DEBUG_ANY,
@@ -140,20 +139,20 @@ do_add( Slapi_PBlock *pb )
return;
}
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "ADD", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free_string(&rawdn);
+ slapi_sdn_init_dn_passin(&mysdn, rawdn);
+ if (rawdn && (strlen(rawdn) > 0) &&
+ (NULL == slapi_sdn_get_dn(&mysdn))) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "ADD", rawdn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid dn", 0, NULL);
+ slapi_sdn_done(&mysdn);
return;
- } else if (rc > 0) {
- slapi_ch_free_string(&rawdn);
- } else { /* rc == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
}
e = slapi_entry_alloc();
- slapi_entry_init(e,dn,NULL); /* Responsibility for DN is passed to the Entry. */
+ /* Responsibility for DN is passed to the Entry. */
+ slapi_entry_init_ext(e, &mysdn, NULL);
+ slapi_sdn_done(&mysdn);
}
LDAPDebug( LDAP_DEBUG_ARGS, " do_add: dn (%s)\n", slapi_entry_get_dn_const(e), 0, 0 );
@@ -338,7 +337,7 @@ slapi_add_entry_internal(Slapi_Entry *e, LDAPControl **controls, int dummy)
/* This is new style API to issue internal add operation.
pblock should contain the following data (can be set via call to slapi_add_internal_set_pb):
- SLAPI_TARGET_DN set to dn of the new entry
+ SLAPI_TARGET_SDN set to sdn of the new entry
SLAPI_CONTROLS_ARG set to request controls if present
SLAPI_ADD_ENTRY set to Slapi_Entry to add
Beware: The entry is consumed. */
@@ -458,6 +457,7 @@ static void op_shared_add (Slapi_PBlock *pb)
char *proxystr = NULL;
int proxy_err = LDAP_SUCCESS;
char *errtext = NULL;
+ Slapi_DN *sdn = NULL;
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
slapi_pblock_get (pb, SLAPI_ADD_ENTRY, &e);
@@ -532,7 +532,7 @@ static void op_shared_add (Slapi_PBlock *pb)
goto done;
}
- slapi_pblock_set(pb, SLAPI_TARGET_DN, (void*)slapi_sdn_get_ndn(operation_get_target_spec (operation)));
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, (void*)operation_get_target_spec (operation));
send_referrals_from_entry(pb,referral);
slapi_entry_free(referral);
goto done;
@@ -547,16 +547,16 @@ static void op_shared_add (Slapi_PBlock *pb)
present_values= attr_get_present_values(attr);
/* Set the backend in the pblock. The slapi_access_allowed function
- * needs this set to work properly. */
- slapi_pblock_set( pb, SLAPI_BACKEND, slapi_be_select( slapi_entry_get_sdn_const(e) ) );
+ * needs this set to work properly. */
+ slapi_pblock_set( pb, SLAPI_BACKEND, slapi_be_select( slapi_entry_get_sdn_const(e) ) );
/* Check ACI before checking password syntax */
if ( (err = slapi_access_allowed(pb, e, SLAPI_USERPWD_ATTR, NULL,
- SLAPI_ACL_ADD)) != LDAP_SUCCESS) {
- send_ldap_result(pb, err, NULL,
- "Insufficient 'add' privilege to the "
- "'userPassword' attribute", 0, NULL);
- goto done;
+ SLAPI_ACL_ADD)) != LDAP_SUCCESS) {
+ send_ldap_result(pb, err, NULL,
+ "Insufficient 'add' privilege to the "
+ "'userPassword' attribute", 0, NULL);
+ goto done;
}
/* check password syntax */
@@ -657,21 +657,23 @@ static void op_shared_add (Slapi_PBlock *pb)
* plugins.
*/
- slapi_pblock_set(pb, SLAPI_ADD_TARGET,
- (char*)slapi_sdn_get_ndn(slapi_entry_get_sdn_const(e)));
- if (plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_PRE_ADD_FN :
- SLAPI_PLUGIN_PRE_ADD_FN) == 0)
+ sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(e));
+ slapi_pblock_set(pb, SLAPI_ADD_TARGET_SDN, (void *)sdn);
+ if (plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_PRE_ADD_FN :
+ SLAPI_PLUGIN_PRE_ADD_FN) == 0)
{
int rc;
Slapi_Entry *ec;
- char *add_target_dn;
+ Slapi_DN *add_target_sdn = NULL;
slapi_pblock_set(pb, SLAPI_PLUGIN, be->be_database);
set_db_default_result_handlers(pb);
/* because be_add frees the entry */
ec = slapi_entry_dup(e);
- add_target_dn= slapi_ch_strdup(slapi_sdn_get_ndn(slapi_entry_get_sdn_const(ec)));
- slapi_pblock_set(pb, SLAPI_ADD_TARGET, add_target_dn);
+ add_target_sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(ec));
+ slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ slapi_pblock_set(pb, SLAPI_ADD_TARGET_SDN, add_target_sdn);
if (be->be_add != NULL)
{
@@ -717,9 +719,9 @@ static void op_shared_add (Slapi_PBlock *pb)
plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_POST_ADD_FN :
SLAPI_PLUGIN_POST_ADD_FN);
slapi_entry_free(ec);
- slapi_pblock_get(pb, SLAPI_ADD_TARGET, &add_target_dn);
- slapi_ch_free((void**)&add_target_dn);
}
+ slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
done:
if (be)
diff --git a/ldap/servers/slapd/auditlog.c b/ldap/servers/slapd/auditlog.c
index 3cca975..d000550 100644
--- a/ldap/servers/slapd/auditlog.c
+++ b/ldap/servers/slapd/auditlog.c
@@ -57,13 +57,14 @@ char *attr_deleteoldrdn = ATTR_DELETEOLDRDN;
char *attr_modifiersname = ATTR_MODIFIERSNAME;
/* Forward Declarations */
-static void write_audit_file( int optype, char *dn, void *change, int flag, time_t curtime );
+static void write_audit_file( int optype, const char *dn, void *change, int flag, time_t curtime );
void
write_audit_log_entry( Slapi_PBlock *pb )
{
time_t curtime;
- char *dn;
+ Slapi_DN *sdn;
+ const char *dn;
void *change;
int flag = 0;
Operation *op;
@@ -75,27 +76,13 @@ write_audit_log_entry( Slapi_PBlock *pb )
}
slapi_pblock_get( pb, SLAPI_OPERATION, &op );
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
switch ( operation_get_type(op) )
{
case SLAPI_OPERATION_MODIFY:
slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &change );
break;
- case SLAPI_OPERATION_ADD:
- {
- /*
- * For adds, we want the unnormalized dn, so we can preserve
- * spacing, case, when replicating it.
- */
- Slapi_Entry *te = NULL;
- slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &change );
- te = (Slapi_Entry *)change;
- if ( NULL != te )
- {
- dn = slapi_entry_get_dn( te );
- }
- }
- break;
case SLAPI_OPERATION_DELETE:
{
char * deleterDN = NULL;
@@ -129,7 +116,7 @@ write_audit_log_entry( Slapi_PBlock *pb )
static void
write_audit_file(
int optype,
- char *dn,
+ const char *dn,
void *change,
int flag,
time_t curtime
diff --git a/ldap/servers/slapd/auth.c b/ldap/servers/slapd/auth.c
index 2c25483..796ca7a 100644
--- a/ldap/servers/slapd/auth.c
+++ b/ldap/servers/slapd/auth.c
@@ -81,30 +81,17 @@ slapu_search_s( LDAP* ld, const char* rawbaseDN, int scope, const char* filter,
int err = LDAP_NO_SUCH_OBJECT;
Slapi_PBlock* pb = NULL;
LDAPControl **ctrls;
- char *baseDN = slapi_ch_strdup(rawbaseDN);
- char *normDN = NULL;
- size_t dnlen = 0;
-
- err = slapi_dn_normalize_ext(baseDN, 0, &normDN, &dnlen);
- if (err < 0) {
- err = LDAP_INVALID_DN_SYNTAX;
- LDAPDebug (LDAP_DEBUG_TRACE, "<= slapu_search_s %i\n", err, 0, 0);
- return err;
- } else if (err == 0) { /* baseDN is passed in; not terminated */
- *(normDN + dnlen) = '\0';
- } else {
- slapi_ch_free_string(&baseDN);
- baseDN = normDN;
- }
+ Slapi_DN *sdn = slapi_sdn_new_dn_byval(rawbaseDN);
+ char *baseDN = slapi_sdn_get_dn(sdn);
if (ld != internal_ld) {
err = ldap_search_ext_s(ld, baseDN, scope, filter, attrs, attrsonly,
NULL, NULL, NULL, -1, result);
- slapi_ch_free_string(&baseDN);
+ slapi_sdn_free(&sdn);
return err;
}
LDAPDebug (LDAP_DEBUG_TRACE, "=> slapu_search_s (\"%s\", %i, %s)\n",
- baseDN, scope, filter);
+ baseDN, scope, filter);
if (filter == NULL) filter = "objectclass=*";
/* use new internal search API */
@@ -138,7 +125,7 @@ slapu_search_s( LDAP* ld, const char* rawbaseDN, int scope, const char* filter,
LDAPDebug (LDAP_DEBUG_ANY, "slapi_search_internal (\"%s\", %i, %s) NULL\n",
escape_string( (char*)baseDN, ebuf ), scope, escape_string( (char*)filter, fbuf ));
}
- slapi_ch_free_string(&baseDN);
+ slapi_sdn_free(&sdn);
*result = (LDAPMessage*)pb;
LDAPDebug (LDAP_DEBUG_TRACE, "<= slapu_search_s %i\n", err, 0, 0);
return err;
@@ -534,19 +521,10 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData)
if (clientDN != NULL) {
char ebuf[ BUFSIZ ];
- int rc = 0;
- char *normedDN = NULL;
- size_t dnlen = 0;
-
- rc = slapi_dn_normalize_ext(clientDN, 0, &normedDN, &dnlen);
- if (rc < 0) {
- /* ignoring the normalization error, use the pre normalized DN */
- } else if (rc == 0) { /* clientDN is passed in; not terminated */
- *(normedDN + dnlen) = '\0';
- } else {
- slapi_ch_free_string(&clientDN);
- clientDN = normedDN;
- }
+ Slapi_DN *sdn = NULL;
+ sdn = slapi_sdn_new_dn_passin(clientDN);
+ clientDN = slapi_ch_strdup(slapi_sdn_get_dn(sdn));
+ slapi_sdn_free(&sdn);
slapi_log_access (LDAP_DEBUG_STATS,
"conn=%" NSPRIu64 " SSL client bound as %s\n",
conn->c_connid, escape_string( clientDN, ebuf ));
diff --git a/ldap/servers/slapd/back-ldbm/ancestorid.c b/ldap/servers/slapd/back-ldbm/ancestorid.c
index 1e90871..15fb7e0 100644
--- a/ldap/servers/slapd/back-ldbm/ancestorid.c
+++ b/ldap/servers/slapd/back-ldbm/ancestorid.c
@@ -717,8 +717,8 @@ static int ldbm_ancestorid_index_update(
{
DB *db = NULL;
int allids = IDL_INSERT_NORMAL;
- Slapi_DN dn = {0};
- Slapi_DN nextdn = {0};
+ Slapi_DN sdn;
+ Slapi_DN nextsdn;
struct attrinfo *ai = NULL;
ID node_id, sub_id;
idl_iterator iter;
@@ -733,36 +733,38 @@ static int ldbm_ancestorid_index_update(
goto out;
}
- slapi_sdn_copy(low, &dn);
+ slapi_sdn_init(&sdn);
+ slapi_sdn_init(&nextsdn);
+ slapi_sdn_copy(low, &sdn);
if (include_low == 0) {
- if (slapi_sdn_compare(&dn, high) == 0) {
+ if (slapi_sdn_compare(&sdn, high) == 0) {
goto out;
}
/* Get the next highest DN */
- slapi_sdn_get_parent(&dn, &nextdn);
- slapi_sdn_copy(&nextdn, &dn);
+ slapi_sdn_get_parent(&sdn, &nextsdn);
+ slapi_sdn_copy(&nextsdn, &sdn);
}
/* Iterate up through the tree */
do {
- if (slapi_sdn_isempty(&dn)) {
+ if (slapi_sdn_isempty(&sdn)) {
break;
}
/* Have we reached the high node? */
- if (include_high == 0 && slapi_sdn_compare(&dn, high) == 0) {
+ if (include_high == 0 && slapi_sdn_compare(&sdn, high) == 0) {
break;
}
/* Get the id for that DN */
if (entryrdn_get_switch()) { /* subtree-rename: on */
node_id = 0;
- err = entryrdn_index_read(be, &dn, &node_id, txn);
+ err = entryrdn_index_read(be, &sdn, &node_id, txn);
if (err) {
if (DB_NOTFOUND != err) {
ldbm_nasty(sourcefile,13141,err);
- LDAPDebug1Arg(LDAP_DEBUG_ANY, "entryrdn_index_read(%s)\n", slapi_sdn_get_dn(&dn));
+ LDAPDebug1Arg(LDAP_DEBUG_ANY, "entryrdn_index_read(%s)\n", slapi_sdn_get_dn(&sdn));
ret = err;
}
break;
@@ -770,8 +772,8 @@ static int ldbm_ancestorid_index_update(
} else {
IDList *idl = NULL;
struct berval ndnv;
- ndnv.bv_val = (void*)slapi_sdn_get_ndn(&dn);
- ndnv.bv_len = slapi_sdn_get_ndn_len(&dn);
+ ndnv.bv_val = (void*)slapi_sdn_get_ndn(&sdn);
+ ndnv.bv_len = slapi_sdn_get_ndn_len(&sdn);
err = 0;
idl = index_read(be, LDBM_ENTRYDN_STR, indextype_EQUALITY, &ndnv, txn, &err);
if (idl == NULL) {
@@ -807,19 +809,19 @@ static int ldbm_ancestorid_index_update(
}
/* Have we reached the high node? */
- if (slapi_sdn_compare(&dn, high) == 0) {
+ if (slapi_sdn_compare(&sdn, high) == 0) {
break;
}
/* Get the next highest DN */
- slapi_sdn_get_parent(&dn, &nextdn);
- slapi_sdn_copy(&nextdn, &dn);
+ slapi_sdn_get_parent(&sdn, &nextsdn);
+ slapi_sdn_copy(&nextsdn, &sdn);
} while (ret == 0);
out:
- slapi_sdn_done(&dn);
- slapi_sdn_done(&nextdn);
+ slapi_sdn_done(&sdn);
+ slapi_sdn_done(&nextsdn);
/* Release the ancestorid file */
if (db != NULL) {
@@ -856,7 +858,8 @@ int ldbm_ancestorid_index_entry(
* If common is non-null then the common suffix of left and right
* is returned in *common.
*/
-int slapi_sdn_suffix_cmp(
+static int
+_sdn_suffix_cmp(
const Slapi_DN *left,
const Slapi_DN *right,
Slapi_DN *common
@@ -870,12 +873,24 @@ int slapi_sdn_suffix_cmp(
rdns1 = slapi_ldap_explode_dn(slapi_sdn_get_ndn(left), 0);
rdns2 = slapi_ldap_explode_dn(slapi_sdn_get_ndn(right), 0);
- for(count1 = 0; rdns1[count1]!=NULL; count1++){
+ if (NULL == rdns1) {
+ if (NULL == rdns2) {
+ ret = 0;
+ } else {
+ ret = 1;
+ }
+ goto out;
+ } else {
+ if (NULL == rdns2) {
+ ret = -1;
+ goto out;
+ }
}
+
+ for(count1 = 0; rdns1[count1]!=NULL; count1++) ;
count1--;
- for(count2 = 0; rdns2[count2]!=NULL; count2++){
- }
+ for(count2 = 0; rdns2[count2]!=NULL; count2++) ;
count2--;
while (count1 >= 0 && count2 >= 0) {
@@ -922,11 +937,11 @@ int slapi_sdn_suffix_cmp(
LDAPDebug(LDAP_DEBUG_TRACE, "common suffix <%s>\n",
slapi_sdn_get_dn(common), 0, 0);
- out:
+out:
slapi_ldap_value_free(rdns1);
slapi_ldap_value_free(rdns2);
- LDAPDebug(LDAP_DEBUG_TRACE, "slapi_sdn_suffix_cmp(<%s>, <%s>) => %d\n",
+ LDAPDebug(LDAP_DEBUG_TRACE, "_sdn_suffix_cmp(<%s>, <%s>) => %d\n",
slapi_sdn_get_dn(left), slapi_sdn_get_dn(right), ret);
return ret;
@@ -942,15 +957,17 @@ int ldbm_ancestorid_move_subtree(
)
{
int ret = 0;
- Slapi_DN commondn = {0};
+ Slapi_DN commonsdn;
+
+ slapi_sdn_init(&commonsdn);
/* Determine the common ancestor */
- (void)slapi_sdn_suffix_cmp(olddn, newdn, &commondn);
+ (void)_sdn_suffix_cmp(olddn, newdn, &commonsdn);
/* Delete from old ancestors */
ret = ldbm_ancestorid_index_update(be,
olddn,
- &commondn,
+ &commonsdn,
0,
0,
id,
@@ -962,7 +979,7 @@ int ldbm_ancestorid_move_subtree(
/* Add to new ancestors */
ret = ldbm_ancestorid_index_update(be,
newdn,
- &commondn,
+ &commonsdn,
0,
0,
id,
@@ -971,7 +988,7 @@ int ldbm_ancestorid_move_subtree(
txn);
out:
- slapi_sdn_done(&commondn);
+ slapi_sdn_done(&commonsdn);
return ret;
}
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
index 0e5804c..7f7d0ca 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
@@ -2815,7 +2815,6 @@ int
dblayer_remove_env(struct ldbminfo *li)
{
DB_ENV *env = NULL;
- dblayer_private *priv = NULL;
char *home_dir = NULL;
int rc = db_env_create(&env, 0);
if (rc) {
@@ -2827,7 +2826,6 @@ dblayer_remove_env(struct ldbminfo *li)
LDAPDebug0Args(LDAP_DEBUG_ANY, "ERROR -- No ldbm info is given\n");
return -1;
}
- priv = (dblayer_private *)li->li_dblayer_private;
home_dir = dblayer_get_home_dir(li, NULL);
if (home_dir) {
diff --git a/ldap/servers/slapd/back-ldbm/dn2entry.c b/ldap/servers/slapd/back-ldbm/dn2entry.c
index 4d6dc7c..99a9f47 100644
--- a/ldap/servers/slapd/back-ldbm/dn2entry.c
+++ b/ldap/servers/slapd/back-ldbm/dn2entry.c
@@ -182,13 +182,11 @@ dn2ancestor(
Slapi_DN ancestorndn;
const char *ptr;
- /* assign ancestordn to the parent of the given dn - ancestordn will contain
- the "raw" unnormalized DN from the caller, so we can give back the DN
- in the same format as we received it */
+ /* assign ancestordn to the parent of the given dn */
ptr = slapi_dn_find_parent(slapi_sdn_get_dn(sdn));
/* assign the ancestordn dn pointer to the parent of dn from sdn - sdn "owns"
the memory, but ancestordn points to it */
- slapi_sdn_set_dn_byref(ancestordn, ptr); /* free any previous contents */
+ slapi_sdn_set_normdn_byref(ancestordn, ptr); /* free any previous contents */
/* now, do the same for the normalized version */
/* ancestorndn holds the normalized version for iteration purposes and
because dn2entry needs the normalized dn */
@@ -221,7 +219,7 @@ dn2ancestor(
slapi_sdn_set_ndn_byref(&ancestorndn, ptr); /* wipe out the previous contents */
/* now do the same for the unnormalized one */
ptr = slapi_dn_find_parent(slapi_sdn_get_dn(ancestordn));
- slapi_sdn_set_dn_byref(ancestordn, ptr); /* wipe out the previous contents */
+ slapi_sdn_set_normdn_byref(ancestordn, ptr); /* wipe out the previous contents */
}
}
@@ -256,17 +254,20 @@ get_copy_of_entry(Slapi_PBlock *pb, const entry_address *addr, back_txn *txn, in
}
else
{
- Slapi_DN sdn;
- slapi_sdn_init_dn_byref (&sdn, addr->dn); /* We assume that the DN is not normalized */
- entry = dn2entry( be, &sdn, txn, &err );
- slapi_sdn_done (&sdn);
+ if (addr->sdn) {
+ entry = dn2entry( be, addr->sdn, txn, &err );
+ } else {
+ err = 1;
+ }
}
if ( 0 != err && DB_NOTFOUND != err )
{
if(must_exist)
{
- LDAPDebug( LDAP_DEBUG_ANY, "Operation error fetching %s (%s), error %d.\n",
- addr->dn, (addr->uniqueid==NULL?"null":addr->uniqueid), err );
+ LDAPDebug( LDAP_DEBUG_ANY,
+ "Operation error fetching %s (%s), error %d.\n",
+ addr->sdn?slapi_sdn_get_dn(addr->sdn):"Null DN",
+ (addr->uniqueid==NULL?"null":addr->uniqueid), err );
}
if ( LDAP_INVALID_DN_SYNTAX == err ) {
rc = LDAP_INVALID_DN_SYNTAX; /* respect the error */
@@ -280,9 +281,9 @@ get_copy_of_entry(Slapi_PBlock *pb, const entry_address *addr, back_txn *txn, in
if(entry!=NULL)
{
ldbm_instance *inst;
- slapi_pblock_set( pb, plock_parameter, slapi_entry_dup(entry->ep_entry));
+ slapi_pblock_set( pb, plock_parameter, slapi_entry_dup(entry->ep_entry));
inst = (ldbm_instance *) be->be_instance_info;
- CACHE_RETURN( &inst->inst_cache, &entry );
+ CACHE_RETURN( &inst->inst_cache, &entry );
}
}
/* JCMREPL - Free the backentry? */
diff --git a/ldap/servers/slapd/back-ldbm/findentry.c b/ldap/servers/slapd/back-ldbm/findentry.c
index 9c076f8..b739ab1 100644
--- a/ldap/servers/slapd/back-ldbm/findentry.c
+++ b/ldap/servers/slapd/back-ldbm/findentry.c
@@ -170,14 +170,15 @@ find_entry_internal_dn(
*/
if (!really_internal) {
struct backentry *me;
- Slapi_DN ancestordn= {0};
- me= dn2ancestor(pb->pb_backend,sdn,&ancestordn,txn,&err);
+ Slapi_DN ancestorsdn;
+ slapi_sdn_init(&ancestorsdn);
+ me= dn2ancestor(pb->pb_backend,sdn,&ancestorsdn,txn,&err);
if ( !managedsait && me != NULL ) {
/* if the entry is a referral send the referral */
- if(check_entry_for_referral(pb, me->ep_entry, (char*)slapi_sdn_get_dn(&ancestordn), "find_entry_internal_dn"))
+ if(check_entry_for_referral(pb, me->ep_entry, (char*)slapi_sdn_get_dn(&ancestorsdn), "find_entry_internal_dn"))
{
CACHE_RETURN( &inst->inst_cache, &me );
- slapi_sdn_done(&ancestordn);
+ slapi_sdn_done(&ancestorsdn);
return( NULL );
}
/* else fall through to no such object */
@@ -187,8 +188,8 @@ find_entry_internal_dn(
slapi_send_ldap_result( pb, ( 0 == err || DB_NOTFOUND == err ) ?
LDAP_NO_SUCH_OBJECT : ( LDAP_INVALID_DN_SYNTAX == err ) ?
LDAP_INVALID_DN_SYNTAX : LDAP_OPERATIONS_ERROR,
- (char*)slapi_sdn_get_dn(&ancestordn), NULL, 0, NULL );
- slapi_sdn_done(&ancestordn);
+ (char*)slapi_sdn_get_dn(&ancestorsdn), NULL, 0, NULL );
+ slapi_sdn_done(&ancestorsdn);
CACHE_RETURN( &inst->inst_cache, &me );
}
@@ -276,17 +277,21 @@ find_entry_internal(
}
else
{
- Slapi_DN sdn;
- struct backentry *entry;
+ struct backentry *entry = NULL;
- slapi_sdn_init_dn_ndn_byref (&sdn, addr->dn); /* normalized by front end */
LDAPDebug( LDAP_DEBUG_TRACE, "=> find_entry_internal (dn=%s) lock %d\n",
- addr->dn, lock, 0 );
- entry = find_entry_internal_dn (pb, be, &sdn, lock, txn, really_internal);
- slapi_sdn_done (&sdn);
+ slapi_sdn_get_dn(addr->sdn), lock, 0 );
+ if (addr->sdn) {
+ entry = find_entry_internal_dn (pb, be, addr->sdn,
+ lock, txn, really_internal);
+ } else {
+ LDAPDebug0Args( LDAP_DEBUG_ANY,
+ "find_entry_internal: Null target dn\n" );
+ }
+
+ LDAPDebug0Args( LDAP_DEBUG_TRACE, "<= find_entry_internal\n" );
return entry;
}
-
}
struct backentry *
diff --git a/ldap/servers/slapd/back-ldbm/id2entry.c b/ldap/servers/slapd/back-ldbm/id2entry.c
index 12e2951..bd51a7f 100644
--- a/ldap/servers/slapd/back-ldbm/id2entry.c
+++ b/ldap/servers/slapd/back-ldbm/id2entry.c
@@ -358,40 +358,40 @@ id2entry( backend *be, ID id, back_txn *txn, int *err )
/* data.dptr may not include rdn: ..., try "dn: ..." */
ee = slapi_str2entry( data.dptr, SLAPI_STR2ENTRY_NO_ENTRYDN );
} else {
- char *dn = NULL;
+ char *normdn = NULL;
struct backdn *bdn = dncache_find_id(&inst->inst_dncache, id);
if (bdn) {
- dn = slapi_ch_strdup(slapi_sdn_get_dn(bdn->dn_sdn));
+ normdn = slapi_ch_strdup(slapi_sdn_get_dn(bdn->dn_sdn));
slapi_log_error(SLAPI_LOG_CACHE, ID2ENTRY,
- "dncache_find_id returned: %s\n", dn);
+ "dncache_find_id returned: %s\n", normdn);
CACHE_RETURN(&inst->inst_dncache, &bdn);
} else {
Slapi_DN *sdn = NULL;
- rc = entryrdn_lookup_dn(be, rdn, id, &dn, txn);
+ rc = entryrdn_lookup_dn(be, rdn, id, &normdn, txn);
if (rc) {
slapi_log_error(SLAPI_LOG_TRACE, ID2ENTRY,
"id2entry: entryrdn look up failed "
"(rdn=%s, ID=%d)\n", rdn, id);
/* Try rdn as dn. Could be RUV. */
- dn = slapi_ch_strdup(rdn);
+ normdn = slapi_ch_strdup(rdn);
}
- sdn = slapi_sdn_new_dn_byval((const char *)dn);
+ sdn = slapi_sdn_new_normdn_byval((const char *)normdn);
bdn = backdn_init(sdn, id, 0);
if (CACHE_ADD( &inst->inst_dncache, bdn, NULL )) {
backdn_free(&bdn);
slapi_log_error(SLAPI_LOG_CACHE, ID2ENTRY,
- "%s is already in the dn cache\n", dn);
+ "%s is already in the dn cache\n", normdn);
} else {
CACHE_RETURN(&inst->inst_dncache, &bdn);
slapi_log_error(SLAPI_LOG_CACHE, ID2ENTRY,
"entryrdn_lookup_dn returned: %s, "
- "and set to dn cache (id %d)\n", dn, id);
+ "and set to dn cache (id %d)\n", normdn, id);
}
}
- ee = slapi_str2entry_ext( (const char *)dn, data.dptr,
+ ee = slapi_str2entry_ext( (const char *)normdn, data.dptr,
SLAPI_STR2ENTRY_NO_ENTRYDN );
slapi_ch_free_string(&rdn);
- slapi_ch_free_string(&dn);
+ slapi_ch_free_string(&normdn);
}
} else {
ee = slapi_str2entry( data.dptr, 0 );
diff --git a/ldap/servers/slapd/back-ldbm/idl_common.c b/ldap/servers/slapd/back-ldbm/idl_common.c
index 593a036..f04f8de 100644
--- a/ldap/servers/slapd/back-ldbm/idl_common.c
+++ b/ldap/servers/slapd/back-ldbm/idl_common.c
@@ -133,7 +133,7 @@ idl_append_extend(IDList **orig_idl, ID id)
IDList *idl = *orig_idl;
if (idl == NULL) {
- idl = idl_alloc(1);
+ idl = idl_alloc(32); /* used to be 0 */
idl_append(idl, id);
*orig_idl = idl;
@@ -151,9 +151,7 @@ idl_append_extend(IDList **orig_idl, ID id)
}
/* copy over the existing contents */
idl_new->b_nids = idl->b_nids;
- for (x = 0; x < idl->b_nids;x++) {
- idl_new->b_ids[x] = idl->b_ids[x];
- }
+ memcpy(idl_new->b_ids, idl->b_ids, sizeof(ID) * idl->b_nids);
idl_free(idl);
idl = idl_new;
}
diff --git a/ldap/servers/slapd/back-ldbm/import-threads.c b/ldap/servers/slapd/back-ldbm/import-threads.c
index 207c470..e95d32f 100644
--- a/ldap/servers/slapd/back-ldbm/import-threads.c
+++ b/ldap/servers/slapd/back-ldbm/import-threads.c
@@ -521,6 +521,7 @@ import_producer(void *param)
if (!(str2entry_flags & SLAPI_STR2ENTRY_INCLUDE_VERSION_STR) &&
entryrdn_get_switch()) { /* subtree-rename: on */
char *dn = NULL;
+ char *normdn = NULL;
int rc = 0; /* estr should start with "dn: " or "dn:: " */
if (strncmp(estr, "dn: ", 4) &&
NULL == strstr(estr, "\ndn: ") && /* in case comments precedes
@@ -541,8 +542,11 @@ import_producer(void *param)
FREE(estr);
continue;
}
- e = slapi_str2entry_ext(dn, estr, flags|SLAPI_STR2ENTRY_NO_ENTRYDN);
+ normdn = slapi_create_dn_string("%s", dn);
slapi_ch_free_string(&dn);
+ e = slapi_str2entry_ext(normdn, estr,
+ flags|SLAPI_STR2ENTRY_NO_ENTRYDN);
+ slapi_ch_free_string(&normdn);
} else {
e = slapi_str2entry(estr, flags);
}
@@ -1038,16 +1042,16 @@ index_producer(void *param)
}
}
} else {
- char *dn = NULL;
+ char *normdn = NULL;
struct backdn *bdn =
dncache_find_id(&inst->inst_dncache, temp_id);
if (bdn) {
/* don't free dn */
- dn = (char *)slapi_sdn_get_dn(bdn->dn_sdn);
+ normdn = (char *)slapi_sdn_get_dn(bdn->dn_sdn);
CACHE_RETURN(&inst->inst_dncache, &bdn);
} else {
Slapi_DN *sdn = NULL;
- rc = entryrdn_lookup_dn(be, rdn, temp_id, &dn, NULL);
+ rc = entryrdn_lookup_dn(be, rdn, temp_id, &normdn, NULL);
if (rc) {
/* We cannot use the entryrdn index;
* Compose dn from the entries in id2entry */
@@ -1090,21 +1094,21 @@ index_producer(void *param)
continue;
}
}
- dn = slapi_ch_smprintf("%s%s%s",
+ normdn = slapi_ch_smprintf("%s%s%s",
rdn, pdn?",":"", pdn?pdn:"");
slapi_ch_free_string(&pdn);
}
/* dn is not dup'ed in slapi_sdn_new_dn_byref.
* It's set to bdn and put in the dn cache. */
- sdn = slapi_sdn_new_dn_byref(dn);
+ sdn = slapi_sdn_new_normdn_byref(normdn);
bdn = backdn_init(sdn, temp_id, 0);
CACHE_ADD( &inst->inst_dncache, bdn, NULL );
CACHE_RETURN(&inst->inst_dncache, &bdn);
slapi_log_error(SLAPI_LOG_CACHE, "ldbm2index",
"entryrdn_lookup_dn returned: %s, "
- "and set to dn cache\n", dn);
+ "and set to dn cache\n", normdn);
}
- e = slapi_str2entry_ext(dn, data.dptr,
+ e = slapi_str2entry_ext(normdn, data.dptr,
SLAPI_STR2ENTRY_NO_ENTRYDN);
slapi_ch_free_string(&rdn);
}
@@ -1283,7 +1287,7 @@ upgradedn_producer(void *param)
struct upgradedn_attr *ud_ptr = NULL;
Slapi_Attr *ud_attr = NULL;
char *ecopy = NULL;
- char *dn = NULL;
+ const char *normdn = NULL;
/* vars for Berkeley DB */
DB_ENV *env = NULL;
@@ -1384,7 +1388,7 @@ upgradedn_producer(void *param)
ecopy = (char *)slapi_ch_malloc(data.dsize + 1);
memcpy(ecopy, data.dptr, data.dsize);
*(ecopy + data.dsize) = '\0';
- dn = NULL;
+ normdn = NULL;
doit = 0;
if (entryrdn_get_switch()) {
char *rdn = NULL;
@@ -1400,10 +1404,11 @@ upgradedn_producer(void *param)
dncache_find_id(&inst->inst_dncache, temp_id);
if (bdn) {
/* don't free dn */
- dn = (char *)slapi_sdn_get_dn(bdn->dn_sdn);
+ normdn = (char *)slapi_sdn_get_dn(bdn->dn_sdn);
CACHE_RETURN(&inst->inst_dncache, &bdn);
} else {
- rc = entryrdn_lookup_dn(be, rdn, temp_id, &dn, NULL);
+ rc = entryrdn_lookup_dn(be, rdn, temp_id,
+ (char **)&normdn, NULL);
if (rc) {
/* We cannot use the entryrdn index;
* Compose dn from the entries in id2entry */
@@ -1446,21 +1451,21 @@ upgradedn_producer(void *param)
continue;
}
}
- dn = slapi_ch_smprintf("%s%s%s",
+ normdn = slapi_ch_smprintf("%s%s%s",
rdn, pdn?",":"", pdn?pdn:"");
slapi_ch_free_string(&pdn);
}
/* dn is not dup'ed in slapi_sdn_new_dn_byref.
* It's set to bdn and put in the dn cache. */
- sdn = slapi_sdn_new_dn_byref(dn);
+ sdn = slapi_sdn_new_normdn_byref(normdn);
bdn = backdn_init(sdn, temp_id, 0);
CACHE_ADD( &inst->inst_dncache, bdn, NULL );
CACHE_RETURN(&inst->inst_dncache, &bdn);
slapi_log_error(SLAPI_LOG_CACHE, "ldbm2index",
"entryrdn_lookup_dn returned: %s, "
- "and set to dn cache\n", dn);
+ "and set to dn cache\n", normdn);
}
- e = slapi_str2entry_ext(dn, data.dptr,
+ e = slapi_str2entry_ext(normdn, data.dptr,
SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT);
slapi_ch_free_string(&rdn);
}
@@ -1485,23 +1490,13 @@ upgradedn_producer(void *param)
* SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT
* -- normalize it with the new format
*/
- if (!dn) {
- get_value_from_string((const char *)ecopy, "dn", &dn);
+ if (!normdn) {
+ get_value_from_string((const char *)ecopy, "dn", (char **)&normdn);
}
- if (dn) {
- char *dest = NULL;
- size_t dest_len = 0;
-
- rc = slapi_dn_normalize_ext(dn, strlen(dn), &dest, &dest_len);
- if (rc > 0) {
- slapi_ch_free_string(&dn);
- dn = dest;
- } else {
- *(dn + dest_len) = '\0'; /* src is passed in;
- it's possible dn_len < dest_len */
- }
+ if (normdn) {
slapi_sdn_done(&(e->e_sdn));
- slapi_sdn_init_dn_passin(&(e->e_sdn), dn);
+ slapi_sdn_init_dn_passin(&(e->e_sdn), normdn);
+ normdn = slapi_sdn_get_dn(&(e->e_sdn));
}
/* From here, e != NULL */
@@ -1559,7 +1554,7 @@ upgradedn_producer(void *param)
if (rc) {
LDAPDebug(LDAP_DEBUG_ANY, "%s: Failed to add rdn values "
"to an entry: %s (id %lu)\n",
- inst->inst_name, dn, (u_long)temp_id);
+ inst->inst_name, normdn, (u_long)temp_id);
slapi_entry_free(e); e = NULL;
continue;
}
@@ -1636,7 +1631,7 @@ upgradedn_producer(void *param)
LDAPDebug(LDAP_DEBUG_ANY,
"%s: Failed to add rdn values "
"to an entry: %s (id %lu)\n",
- inst->inst_name, dn, (u_long)temp_id);
+ inst->inst_name, normdn, (u_long)temp_id);
slapi_entry_free(e); e = NULL;
continue;
}
@@ -2251,12 +2246,11 @@ import_foreman(void *param)
char *new_dn = NULL;
char *orig_dn =
slapi_ch_strdup(slapi_entry_get_dn(fi->entry->ep_entry));
- int rc = 0;
nsuniqueid = attrlist_find(fi->entry->ep_entry->e_attrs,
"nsuniqueid");
if (nsuniqueid) {
Slapi_Value *uival = NULL;
- rc = slapi_attr_first_value(nsuniqueid, &uival);
+ slapi_attr_first_value(nsuniqueid, &uival);
uuidstr = slapi_value_get_string(uival);
} else {
import_log_notice(job, "ERROR: Failed to get nsUniqueId "
@@ -3453,9 +3447,8 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
{
int rc = -1;
struct backdn *bdn = NULL;
- struct ldbminfo *li = NULL;
Slapi_Entry *e = NULL;
- char *dn = NULL;
+ char *normdn = NULL;
if (!entryrdn_get_switch()) { /* entryrdn specific function */
return rc;
@@ -3466,7 +3459,6 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
NULL==inst?"inst":"srdn");
return rc;
}
- li = inst->inst_li;
/* first, try the dn cache */
bdn = dncache_find_id(&inst->inst_dncache, id);
@@ -3563,8 +3555,8 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
}
}
- dn = NULL;
- rc = slapi_rdn_get_dn(&mysrdn, &dn);
+ normdn = NULL;
+ rc = slapi_rdn_get_dn(&mysrdn, &normdn);
if (rc) {
LDAPDebug2Args( LDAP_DEBUG_ANY,
"import_get_and_add_parent_rdns: "
@@ -3572,7 +3564,7 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
"from Slapi_RDN\n", rdn, id);
goto bail;
}
- e = slapi_str2entry_ext(dn, data.dptr, SLAPI_STR2ENTRY_NO_ENTRYDN);
+ e = slapi_str2entry_ext(normdn, data.dptr, SLAPI_STR2ENTRY_NO_ENTRYDN);
(*curr_entry)++;
rc = index_set_entry_to_fifo(info, e, id, total_id, *curr_entry);
if (rc) {
diff --git a/ldap/servers/slapd/back-ldbm/index.c b/ldap/servers/slapd/back-ldbm/index.c
index c8be27a..08218ad 100644
--- a/ldap/servers/slapd/back-ldbm/index.c
+++ b/ldap/servers/slapd/back-ldbm/index.c
@@ -874,7 +874,7 @@ index_read_ext_allids(
(0 == PL_strcasecmp(basetype, LDBM_ENTRYDN_STR))) {
int rc = 0;
ID id = 0;
- Slapi_DN sdn = {0};
+ Slapi_DN sdn;
/* We don't need these values... */
index_free_prefix( prefix );
diff --git a/ldap/servers/slapd/back-ldbm/instance.c b/ldap/servers/slapd/back-ldbm/instance.c
index 74a01a8..0217e96 100644
--- a/ldap/servers/slapd/back-ldbm/instance.c
+++ b/ldap/servers/slapd/back-ldbm/instance.c
@@ -141,6 +141,7 @@ int ldbm_instance_create(backend *be, char *name)
goto done;
error:
+ slapi_ch_free_string(&inst->inst_name);
slapi_ch_free((void**)&inst);
done:
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index 5ade337..0fd612b 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -79,7 +79,7 @@ ldbm_back_add( Slapi_PBlock *pb )
backend *be;
struct ldbminfo *li;
ldbm_instance *inst;
- char *dn = NULL;
+ const char *dn = NULL;
Slapi_Entry *e = NULL;
struct backentry *tombstoneentry = NULL;
struct backentry *addingentry = NULL;
@@ -105,7 +105,7 @@ ldbm_back_add( Slapi_PBlock *pb )
int addingentry_id_assigned= 0;
int addingentry_in_cache= 0;
int tombstone_in_cache= 0;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_DN parentsdn;
Slapi_Operation *operation;
int dblock_acquired= 0;
@@ -134,7 +134,6 @@ ldbm_back_add( Slapi_PBlock *pb )
inst = (ldbm_instance *) be->be_instance_info;
/* sdn & parentsdn need to be initialized before "goto *_return" */
- slapi_sdn_init(&sdn);
slapi_sdn_init(&parentsdn);
/* Get rid of ldbm backend attributes that you are not allowed to specify yourself */
@@ -195,17 +194,21 @@ ldbm_back_add( Slapi_PBlock *pb )
{
/* Check if an entry with the intended uniqueid already exists. */
done_with_pblock_entry(pb,SLAPI_ADD_EXISTING_UNIQUEID_ENTRY); /* Could be through this multiple times */
- addr.dn = addr.udn = NULL;
+ addr.udn = NULL;
+ addr.sdn = NULL;
addr.uniqueid = (char*)slapi_entry_get_uniqueid(e); /* jcm - cast away const */
ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_EXISTING_UNIQUEID_ENTRY, !is_replicated_operation);
}
if(slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_EXISTING_DN_ENTRY))
{
- slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn );
- if (NULL == dn)
+ slapi_pblock_get( pb, SLAPI_ADD_TARGET_SDN, &sdn );
+ if (NULL == sdn)
{
+ LDAPDebug0Args(LDAP_DEBUG_ANY,
+ "ldbm_back_add: Null target dn\n");
goto error_return;
}
+ dn = slapi_sdn_get_dn(sdn);
ldap_result_code = slapi_dn_syntax_check(pb, dn, 1);
if (ldap_result_code)
{
@@ -213,11 +216,10 @@ ldbm_back_add( Slapi_PBlock *pb )
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
goto error_return;
}
- slapi_sdn_set_dn_byref(&sdn, dn);
- slapi_sdn_get_backend_parent(&sdn,&parentsdn,pb->pb_backend);
+ slapi_sdn_get_backend_parent(sdn, &parentsdn, pb->pb_backend);
/* Check if an entry with the intended DN already exists. */
done_with_pblock_entry(pb,SLAPI_ADD_EXISTING_DN_ENTRY); /* Could be through this multiple times */
- addr.dn = dn;
+ addr.sdn = sdn;
addr.udn = NULL;
addr.uniqueid = NULL;
ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_EXISTING_DN_ENTRY, !is_replicated_operation);
@@ -233,7 +235,7 @@ ldbm_back_add( Slapi_PBlock *pb )
slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_PARENT_ENTRY))
{
done_with_pblock_entry(pb,SLAPI_ADD_PARENT_ENTRY); /* Could be through this multiple times */
- addr.dn = (char*)slapi_sdn_get_dn (&parentsdn); /* get_copy_of_entry assumes the DN is not normalized */
+ addr.sdn = &parentsdn;
addr.udn = NULL;
addr.uniqueid = operation->o_params.p.p_add.parentuniqueid;
ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_PARENT_ENTRY, !is_replicated_operation);
@@ -273,7 +275,7 @@ ldbm_back_add( Slapi_PBlock *pb )
*/
if(have_parent_address(&parentsdn, operation->o_params.p.p_add.parentuniqueid))
{
- addr.dn = (char*)slapi_sdn_get_dn (&parentsdn);
+ addr.sdn = &parentsdn;
addr.udn = NULL;
addr.uniqueid = operation->o_params.p.p_add.parentuniqueid;
parententry = find_entry2modify_only(pb,be,&addr,&txn);
@@ -311,10 +313,11 @@ ldbm_back_add( Slapi_PBlock *pb )
if ( !managedsait && !is_tombstone_operation )
{
int err= 0;
- Slapi_DN ancestordn= {0};
+ Slapi_DN ancestorsdn;
struct backentry *ancestorentry;
- ancestorentry= dn2ancestor(pb->pb_backend,&sdn,&ancestordn,&txn,&err);
- slapi_sdn_done(&ancestordn);
+ slapi_sdn_init(&ancestorsdn);
+ ancestorentry= dn2ancestor(pb->pb_backend,sdn,&ancestorsdn,&txn,&err);
+ slapi_sdn_done(&ancestorsdn);
if ( ancestorentry != NULL )
{
int sentreferral= check_entry_for_referral(pb, ancestorentry->ep_entry, backentry_get_ndn(ancestorentry), "ldbm_back_add");
@@ -355,7 +358,8 @@ ldbm_back_add( Slapi_PBlock *pb )
* When we resurect a tombstone we must use its UniqueID
* to find the tombstone entry and lock it down in the cache.
*/
- addr.dn = addr.udn = NULL;
+ addr.udn = NULL;
+ addr.sdn = NULL;
addr.uniqueid = (char *)slapi_entry_get_uniqueid(e); /* jcm - cast away const */
tombstoneentry = find_entry2modify( pb, be, &addr, &txn );
if ( tombstoneentry==NULL )
@@ -368,7 +372,7 @@ ldbm_back_add( Slapi_PBlock *pb )
addingentry = backentry_dup( tombstoneentry );
if ( addingentry==NULL )
{
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ ldap_result_code= LDAP_OPERATIONS_ERROR;
goto error_return;
}
/*
@@ -378,9 +382,12 @@ ldbm_back_add( Slapi_PBlock *pb )
* The entry comes back to life as a Glue entry, so we add the
* magic objectclass.
*/
- slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn );
- slapi_sdn_set_dn_byref(&sdn, dn);
- slapi_entry_set_dn(addingentry->ep_entry, slapi_ch_strdup(dn)); /* The DN is passed into the entry. */
+ if (NULL == sdn) {
+ LDAPDebug0Args(LDAP_DEBUG_ANY, "ldbm_back_add: Null target dn\n");
+ goto error_return;
+ }
+ dn = slapi_sdn_get_dn(sdn);
+ slapi_entry_set_sdn(addingentry->ep_entry, sdn); /* The DN is passed into the entry. */
/* LPREPL: the DN is normalized...Somehow who should get a not normalized one */
addingentry->ep_id = slapi_entry_attr_get_ulong(addingentry->ep_entry,"entryid");
slapi_entry_attr_delete(addingentry->ep_entry, SLAPI_ATTR_VALUE_PARENT_UNIQUEID);
@@ -541,19 +548,20 @@ ldbm_back_add( Slapi_PBlock *pb )
{
/* Here means that we didn't find the parent */
int err = 0;
- Slapi_DN ancestordn= {0};
+ Slapi_DN ancestorsdn;
struct backentry *ancestorentry;
LDAPDebug( LDAP_DEBUG_TRACE,
"parent does not exist, pdn = %s\n",
slapi_sdn_get_dn(&parentsdn), 0, 0 );
- ancestorentry = dn2ancestor(be, &parentsdn, &ancestordn, &txn, &err );
+ slapi_sdn_init(&ancestorsdn);
+ ancestorentry = dn2ancestor(be, &parentsdn, &ancestorsdn, &txn, &err );
CACHE_RETURN( &inst->inst_cache, &ancestorentry );
ldap_result_code= LDAP_NO_SUCH_OBJECT;
- ldap_result_matcheddn= slapi_ch_strdup((char *)slapi_sdn_get_dn(&ancestordn)); /* jcm - cast away const. */
- slapi_sdn_done(&ancestordn);
+ ldap_result_matcheddn= slapi_ch_strdup((char *)slapi_sdn_get_dn(&ancestorsdn)); /* jcm - cast away const. */
+ slapi_sdn_done(&ancestorsdn);
goto error_return;
}
ldap_result_code = plugin_call_acl_plugin (pb, e, NULL, NULL, SLAPI_ACL_ADD,
@@ -742,7 +750,11 @@ ldbm_back_add( Slapi_PBlock *pb )
}
goto error_return;
}
- retval = index_addordel_string(be,SLAPI_ATTR_NSCP_ENTRYDN,slapi_sdn_get_ndn(&sdn),addingentry->ep_id,BE_INDEX_DEL,&txn);
+ retval = index_addordel_string(be,
+ SLAPI_ATTR_NSCP_ENTRYDN,
+ slapi_sdn_get_ndn(sdn),
+ addingentry->ep_id,
+ BE_INDEX_DEL, &txn);
if (DB_LOCK_DEADLOCK == retval) {
LDAPDebug( LDAP_DEBUG_ARGS, "add 4 DB_LOCK_DEADLOCK\n", 0, 0, 0 );
/* Retry txn */
@@ -1011,7 +1023,6 @@ common_return:
{
slapi_send_ldap_result( pb, ldap_result_code, ldap_result_matcheddn, ldap_result_message, 0, NULL );
}
- slapi_sdn_done(&sdn);
slapi_sdn_done(&parentsdn);
slapi_ch_free( (void**)&ldap_result_matcheddn );
slapi_ch_free( (void**)&errbuf );
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_config.c b/ldap/servers/slapd/back-ldbm/ldbm_config.c
index 558e1e9..b179591 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_config.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_config.c
@@ -1344,20 +1344,21 @@ void ldbm_config_setup_default(struct ldbminfo *li)
}
}
-void
+int
ldbm_config_read_instance_entries(struct ldbminfo *li, const char *backend_type)
{
Slapi_PBlock *tmp_pb;
Slapi_Entry **entries = NULL;
char *basedn = NULL;
+ int rc = 0;
/* Construct the base dn of the subtree that holds the instance entries. */
basedn = slapi_create_dn_string("cn=%s,cn=plugins,cn=config", backend_type);
if (NULL == basedn) {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
"ldbm_config_read_instance_entries: "
- "failed create backend dn for %s\n", backend_type);
- return;
+ "failed to create backend dn for %s\n", backend_type);
+ return 1;
}
/* Do a search of the subtree containing the instance entries */
@@ -1368,13 +1369,24 @@ ldbm_config_read_instance_entries(struct ldbminfo *li, const char *backend_type)
if (entries!=NULL) {
int i;
for (i=0; entries[i]!=NULL; i++) {
- ldbm_instance_add_instance_entry_callback(NULL, entries[i], NULL, NULL, NULL, li);
+ rc = ldbm_instance_add_instance_entry_callback(NULL,
+ entries[i], NULL, NULL, NULL, li);
+ if (SLAPI_DSE_CALLBACK_ERROR == rc) {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_config_read_instance_entries: "
+ "failed to add instance entry %s\n",
+ slapi_entry_get_dn_const(entries[i]));
+ break;
+ }
+ rc = 0;
}
}
slapi_free_search_results_internal(tmp_pb);
slapi_pblock_destroy(tmp_pb);
slapi_ch_free_string(&basedn);
+
+ return rc;
}
/* Reads in any config information held in the dse for the ldbm plugin.
@@ -1453,7 +1465,13 @@ int ldbm_config_load_dse_info(struct ldbminfo *li)
/* Find all the instance entries and create a Slapi_Backend and an
* ldbm_instance for each */
- ldbm_config_read_instance_entries(li, li->li_plugin->plg_name);
+ rval = ldbm_config_read_instance_entries(li, li->li_plugin->plg_name);
+ if (rval) {
+ LDAPDebug0Args(LDAP_DEBUG_ANY,
+ "ldbm_config_load_dse_info: "
+ "failed to read instance entries\n");
+ goto bail;
+ }
/* setup the dse callback functions for the ldbm backend config entry */
slapi_config_register_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP, dn,
@@ -1473,7 +1491,7 @@ int ldbm_config_load_dse_info(struct ldbminfo *li)
if (NULL == dn) {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
"ldbm_config_load_dse_info: "
- "failed create monitor dn for %s\n",
+ "failed to create monitor dn for %s\n",
li->li_plugin->plg_name);
rval = 1;
goto bail;
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 40aed48..c1f1142 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -76,6 +76,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
int ldap_result_code= LDAP_SUCCESS;
char *ldap_result_message= NULL;
Slapi_DN sdn;
+ Slapi_DN *sdnp = NULL;
char *e_uniqueid = NULL;
Slapi_DN *nscpEntrySDN = NULL;
int dblock_acquired= 0;
@@ -97,13 +98,13 @@ ldbm_back_delete( Slapi_PBlock *pb )
slapi_pblock_get( pb, SLAPI_BACKEND, &be);
slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &li );
- slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_DELETE_TARGET_SDN, &sdnp );
slapi_pblock_get( pb, SLAPI_TARGET_ADDRESS, &addr);
slapi_pblock_get( pb, SLAPI_TXN, (void**)&parent_txn );
slapi_pblock_get( pb, SLAPI_OPERATION, &operation );
slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation );
- /* sdn & parentsdn need to be initialized before "goto *_return */
+ /* sdn needs to be initialized before "goto *_return */
slapi_sdn_init(&sdn);
/* dblayer_txn_init needs to be called before "goto error_return" */
@@ -122,7 +123,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
/* retval is -1 */
goto error_return;
}
- ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
+ ldap_result_code = slapi_dn_syntax_check(pb, slapi_sdn_get_dn(sdnp), 1);
if (ldap_result_code)
{
ldap_result_code = LDAP_INVALID_DN_SYNTAX;
@@ -137,7 +138,10 @@ ldbm_back_delete( Slapi_PBlock *pb )
inst = (ldbm_instance *) be->be_instance_info;
- slapi_sdn_init_dn_byref(&sdn,dn);
+ if (NULL == sdnp) {
+ slapi_sdn_init_normdn_byref(&sdn, dn);
+ sdnp = &sdn;
+ }
/* The dblock serializes writes to the database,
* which reduces deadlocking in the db code,
@@ -318,13 +322,13 @@ ldbm_back_delete( Slapi_PBlock *pb )
Slapi_DN parentsdn;
slapi_sdn_init(&parentsdn);
- slapi_sdn_get_backend_parent(&sdn,&parentsdn,pb->pb_backend);
+ slapi_sdn_get_backend_parent(sdnp, &parentsdn, pb->pb_backend);
if ( !slapi_sdn_isempty(&parentsdn) )
{
struct backentry *parent = NULL;
entry_address parent_addr;
- parent_addr.dn = (char*)slapi_sdn_get_dn (&parentsdn);
+ parent_addr.sdn = &parentsdn;
parent_addr.uniqueid = NULL;
parent = find_entry2modify_only(pb,be,&parent_addr,&txn);
if (NULL != parent) {
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
index 2f1e648..54f22a3 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
@@ -445,7 +445,7 @@ entryrdn_rename_subtree(backend *be,
slapi_log_error(SLAPI_LOG_FATAL, ENTRYRDN_TAG,
"entryrdn_rename_subtree: Param error: Empty %s\n",
NULL==be?"backend":NULL==oldsdn?"old dn":
- (NULL==mynewsrdn&&NULL==mynewsupsdn)?"new dn and new superior":
+ (NULL==newsrdn&&NULL==newsupsdn)?"new dn and new superior":
0==id?"id":"unknown");
goto bail;
}
@@ -1015,7 +1015,6 @@ entryrdn_lookup_dn(backend *be,
char *nrdn = NULL;
size_t nrdn_len = 0;
ID workid = id; /* starting from the given id */
- ID previd = id;
rdn_elem *elem = NULL;
int maybesuffix = 0;
@@ -1111,7 +1110,6 @@ retry_get1:
}
/* Iterate over the duplicates to get the direct child's ID */
- previd = workid;
workid = 0;
if (maybesuffix) {
/* it is a suffix, indeed. done. */
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c b/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
index 7709cfb..88b20d0 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
@@ -773,8 +773,8 @@ ldbm_instance_modify_config_entry_callback(Slapi_PBlock *pb, Slapi_Entry* entryB
if (strcasecmp(attr_name, CONFIG_INSTANCE_SUFFIX) == 0) {
/* naughty naughty, we don't allow this */
rc = LDAP_UNWILLING_TO_PERFORM;
- PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
- "Can't change the root suffix of a backend");
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "Can't change the root suffix of a backend");
LDAPDebug(LDAP_DEBUG_ANY,
"ldbm: modify attempted to change the root suffix "
"of a backend (which is not allowed)\n",
@@ -841,10 +841,13 @@ static int ldbm_instance_generate(struct ldbminfo *li, char *instance_name,
new_be = slapi_be_new(LDBM_DATABASE_TYPE_NAME /* type */, instance_name,
0 /* public */, 1 /* do log changes */);
new_be->be_database = li->li_plugin;
- ldbm_instance_create(new_be, instance_name);
+ rc = ldbm_instance_create(new_be, instance_name);
+ if (rc) {
+ goto bail;
+ }
ldbm_instance_config_load_dse_info(new_be->be_instance_info);
- rc = ldbm_instance_create_default_indexes(new_be);
+ ldbm_instance_create_default_indexes(new_be);
/* if USN plugin is enabled, set slapi_counter */
if (plugin_enabled("USN", li->li_identity) && ldbm_back_isinitialized()) {
@@ -867,7 +870,7 @@ static int ldbm_instance_generate(struct ldbminfo *li, char *instance_name,
if (ret_be != NULL) {
*ret_be = new_be;
}
-
+bail:
return rc;
}
@@ -881,7 +884,13 @@ ldbm_instance_postadd_instance_entry_callback(Slapi_PBlock *pb, Slapi_Entry* ent
int rval = 0;
parse_ldbm_instance_entry(entryBefore, &instance_name);
- ldbm_instance_generate(li, instance_name, &be);
+ rval = ldbm_instance_generate(li, instance_name, &be);
+ if (rval) {
+ LDAPDebug(LDAP_DEBUG_ANY,
+ "ldbm_instance_postadd_instance_entry_callback: "
+ "ldbm_instance_generate (%s) failed (%d)\n",
+ instance_name, rval, 0);
+ }
inst = ldbm_instance_find_by_name(li, instance_name);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index ff2fc97..1a85e14 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -244,7 +244,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
{
goto error_return;
}
- ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
+ ldap_result_code = slapi_dn_syntax_check(pb, slapi_sdn_get_dn(addr->sdn), 1);
if (ldap_result_code)
{
ldap_result_code = LDAP_INVALID_DN_SYNTAX;
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index bcbe9c7..493e476 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -90,10 +90,10 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
IDList *children= NULL;
struct backentry **child_entries = NULL;
struct backdn **child_dns = NULL;
- Slapi_DN dn_olddn = {0};
- Slapi_DN dn_newdn = {0};
- Slapi_DN dn_newrdn = {0};
- Slapi_DN dn_newsuperiordn = {0};
+ Slapi_DN *sdn = NULL;
+ Slapi_DN dn_newdn;
+ Slapi_DN dn_newrdn;
+ Slapi_DN *dn_newsuperiordn = NULL;
Slapi_DN dn_parentdn;
int rc;
int isroot;
@@ -109,15 +109,15 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
entry_address *old_addr;
entry_address oldparent_addr;
entry_address *newsuperior_addr;
- char *dn;
char ebuf[BUFSIZ];
CSN *opcsn = NULL;
/* sdn & parentsdn need to be initialized before "goto *_return" */
slapi_sdn_init(&dn_newdn);
+ slapi_sdn_init(&dn_newrdn);
slapi_sdn_init(&dn_parentdn);
- slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_MODRDN_TARGET_SDN, &sdn );
slapi_pblock_get( pb, SLAPI_BACKEND, &be);
slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &li );
slapi_pblock_get( pb, SLAPI_TXN, (void**)&parent_txn );
@@ -127,6 +127,12 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
is_ruv = operation_is_flag_set(operation, OP_FLAG_REPL_RUV);
is_fixup_operation = operation_is_flag_set(operation, OP_FLAG_REPL_FIXUP);
+ if (NULL == sdn) {
+ slapi_send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "Null target DN", 0, NULL );
+ return( -1 );
+ }
+
/* dblayer_txn_init needs to be called before "goto error_return" */
dblayer_txn_init(li,&txn);
/* the calls to search for entries require the parent txn if any
@@ -140,23 +146,21 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
inst = (ldbm_instance *) be->be_instance_info;
{
- char *newrdn, *newsuperiordn;
+ char *newrdn/* , *newsuperiordn */;
slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
- slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperiordn );
- slapi_sdn_init_dn_byref(&dn_olddn,dn);
- slapi_sdn_init_dn_byref(&dn_newrdn,newrdn);
- slapi_sdn_init_dn_byref(&dn_newsuperiordn,newsuperiordn);
- slapi_sdn_get_parent(&dn_olddn,&dn_parentdn);
+ slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &dn_newsuperiordn );
+ slapi_sdn_init_normdn_byref(&dn_newrdn, newrdn);
+ /* slapi_sdn_init_normdn_byref(&dn_newsuperiordn, newsuperiordn); */
+ slapi_sdn_get_parent(sdn, &dn_parentdn);
}
/* if old and new superior are equals, newsuperior should not be set
* Here we have to reset newsuperiordn in order to save processing and
* avoid later deadlock when trying to fetch twice the same entry
*/
- if (slapi_sdn_compare(&dn_newsuperiordn, &dn_parentdn) == 0)
+ if (slapi_sdn_compare(dn_newsuperiordn, &dn_parentdn) == 0)
{
- slapi_sdn_done(&dn_newsuperiordn);
- slapi_sdn_init_dn_byref(&dn_newsuperiordn,NULL);
+ slapi_sdn_done(dn_newsuperiordn);
}
/*
@@ -164,7 +168,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
* Replicated Operations are allowed to change the superior
*/
if ( !entryrdn_get_switch() &&
- (!is_replicated_operation && !slapi_sdn_isempty(&dn_newsuperiordn)))
+ (!is_replicated_operation && !slapi_sdn_isempty(dn_newsuperiordn)))
{
slapi_send_ldap_result( pb, LDAP_UNWILLING_TO_PERFORM, NULL,
"server does not support moving of entries", 0, NULL );
@@ -213,14 +217,15 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/* see if an entry with the new name already exists */
done_with_pblock_entry(pb,SLAPI_MODRDN_EXISTING_ENTRY); /* Could be through this multiple times */
- slapi_sdn_done(&dn_newrdn);
slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &newrdn);
- slapi_sdn_init_dn_byref(&dn_newrdn,newrdn);
- newdn= moddn_get_newdn(pb,&dn_olddn,&dn_newrdn,&dn_newsuperiordn);
+ slapi_sdn_init_normdn_byref(&dn_newrdn, newrdn);
+ newdn= moddn_get_newdn(pb,sdn, &dn_newrdn, dn_newsuperiordn);
slapi_sdn_set_dn_passin(&dn_newdn,newdn);
- new_addr.dn = (char*)slapi_sdn_get_ndn (&dn_newdn);
+ new_addr.sdn = &dn_newdn;
+ new_addr.udn = NULL;
/* check dn syntax on newdn */
- ldap_result_code = slapi_dn_syntax_check(pb, new_addr.dn, 1);
+ ldap_result_code = slapi_dn_syntax_check(pb,
+ (char *)slapi_sdn_get_ndn(&dn_newdn), 1);
if (ldap_result_code)
{
ldap_result_code = LDAP_INVALID_DN_SYNTAX;
@@ -241,23 +246,22 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
{
/* find and lock the old parent entry */
done_with_pblock_entry(pb,SLAPI_MODRDN_PARENT_ENTRY); /* Could be through this multiple times */
- oldparent_addr.dn = (char*)slapi_sdn_get_ndn (&dn_parentdn);
+ oldparent_addr.sdn = &dn_parentdn;
oldparent_addr.uniqueid = NULL;
ldap_result_code= get_copy_of_entry(pb, &oldparent_addr, &txn, SLAPI_MODRDN_PARENT_ENTRY, !is_replicated_operation);
}
/* <new superior> */
- if(slapi_sdn_get_ndn(&dn_newsuperiordn)!=NULL &&
+ if(slapi_sdn_get_ndn(dn_newsuperiordn)!=NULL &&
slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_NEWPARENT_ENTRY))
{
/* find and lock the new parent entry */
done_with_pblock_entry(pb,SLAPI_MODRDN_NEWPARENT_ENTRY); /* Could be through this multiple times */
/* Check that this really is a new superior,
* and not the same old one. Compare parentdn & newsuperior */
- if (slapi_sdn_compare(&dn_newsuperiordn, &dn_parentdn) == 0)
+ if (slapi_sdn_compare(dn_newsuperiordn, &dn_parentdn) == 0)
{
- slapi_sdn_done(&dn_newsuperiordn);
- slapi_sdn_init_dn_byref(&dn_newsuperiordn,NULL);
+ slapi_sdn_done(dn_newsuperiordn);
}
else
{
@@ -271,7 +275,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
}
else
{
- my_addr.dn = (char *)slapi_sdn_get_ndn (&dn_newsuperiordn);
+ my_addr.sdn = dn_newsuperiordn;
my_addr.uniqueid = NULL;
newsuperior_addr = &my_addr;
}
@@ -329,7 +333,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if((entry != NULL) &&
/* allow modrdn even if the src dn and dest dn are identical */
(0 != slapi_sdn_compare((const Slapi_DN *)&dn_newdn,
- (const Slapi_DN *)&dn_olddn)))
+ (const Slapi_DN *)sdn)))
{
ldap_result_code= LDAP_ALREADY_EXISTS;
goto error_return;
@@ -337,13 +341,13 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
}
/* Fetch and lock the parent of the entry that is moving */
- oldparent_addr.dn = (char*)slapi_sdn_get_dn (&dn_parentdn);
+ oldparent_addr.sdn = &dn_parentdn;
oldparent_addr.uniqueid = NULL;
parententry = find_entry2modify_only( pb, be, &oldparent_addr, &txn );
modify_init(&parent_modify_context,parententry);
/* Fetch and lock the new parent of the entry that is moving */
- if(slapi_sdn_get_ndn(&dn_newsuperiordn)!=NULL)
+ if(slapi_sdn_get_ndn(dn_newsuperiordn) != NULL)
{
slapi_pblock_get (pb, SLAPI_MODRDN_NEWSUPERIOR_ADDRESS, &newsuperior_addr);
newparententry = find_entry2modify_only( pb, be, newsuperior_addr, &txn );
@@ -376,37 +380,46 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
* instead. Otherwise, a ModRDN operation will potentially change an
* entry's entire DN (at least with respect to case and spacing).
*/
- slapi_sdn_copy( slapi_entry_get_sdn_const( e->ep_entry ), &dn_olddn );
+ slapi_sdn_copy( slapi_entry_get_sdn_const( e->ep_entry ), sdn );
+ slapi_pblock_set( pb, SLAPI_MODRDN_TARGET_SDN, sdn );
if (newparententry != NULL) {
/* don't forget we also want to preserve case of new superior */
- slapi_sdn_copy(slapi_entry_get_sdn_const(newparententry->ep_entry), &dn_newsuperiordn);
+ if (NULL == dn_newsuperiordn) {
+ dn_newsuperiordn = slapi_sdn_dup(
+ slapi_entry_get_sdn_const(newparententry->ep_entry));
+ } else {
+ slapi_sdn_copy(slapi_entry_get_sdn_const(newparententry->ep_entry),
+ dn_newsuperiordn);
+ }
+ slapi_pblock_set( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, dn_newsuperiordn );
}
slapi_sdn_set_dn_passin(&dn_newdn,
- moddn_get_newdn(pb, &dn_olddn, &dn_newrdn, &dn_newsuperiordn));
+ moddn_get_newdn(pb, sdn, &dn_newrdn, dn_newsuperiordn));
/* Check that we're allowed to add an entry below the new superior */
if ( newparententry == NULL )
{
/* There may not be a new parent because we don't intend there to be one. */
- if(slapi_sdn_get_ndn(&dn_newsuperiordn)!=NULL)
+ if(slapi_sdn_get_ndn(dn_newsuperiordn)!=NULL)
{
/* If the new entry is to be a suffix, and we're root, then it's OK that the new parent doesn't exist */
- if(!(slapi_dn_isbesuffix(pb,slapi_sdn_get_ndn(&dn_newdn)) && isroot))
+ if (!(slapi_be_issuffix(pb->pb_backend, &dn_newdn)) && isroot)
{
/* Here means that we didn't find the parent */
int err = 0;
- Slapi_DN ancestordn = {0};
+ Slapi_DN ancestorsdn;
struct backentry *ancestorentry;
- ancestorentry= dn2ancestor(be,&dn_newdn,&ancestordn,&txn,&err);
+ slapi_sdn_init(&ancestorsdn);
+ ancestorentry= dn2ancestor(be,&dn_newdn,&ancestorsdn,&txn,&err);
CACHE_RETURN( &inst->inst_cache, &ancestorentry );
- ldap_result_matcheddn= slapi_ch_strdup((char *) slapi_sdn_get_dn(&ancestordn));
+ ldap_result_matcheddn= slapi_ch_strdup((char *) slapi_sdn_get_dn(&ancestorsdn));
ldap_result_code= LDAP_NO_SUCH_OBJECT;
LDAPDebug( LDAP_DEBUG_TRACE, "ldbm_back_modrdn: New superior "
"does not exist matched %s, newsuperior = %s\n",
ldap_result_matcheddn == NULL ? "NULL" :
ldap_result_matcheddn,
- slapi_sdn_get_ndn(&dn_newsuperiordn), 0 );
- slapi_sdn_done(&ancestordn);
+ slapi_sdn_get_ndn(dn_newsuperiordn), 0 );
+ slapi_sdn_done(&ancestorsdn);
goto error_return;
}
}
@@ -426,7 +439,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if ( parententry == NULL )
{
/* If the entry a suffix, and we're root, then it's OK that the parent doesn't exist */
- if(!(slapi_dn_isbesuffix(pb,slapi_sdn_get_ndn(&dn_olddn)) && isroot))
+ if (!(slapi_be_issuffix(pb->pb_backend, sdn)) && isroot)
{
/* Here means that we didn't find the parent */
ldap_result_matcheddn = "NULL";
@@ -485,7 +498,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if (( cache_add_tentative( &inst->inst_cache, ec, NULL ) != 0 ) &&
/* allow modrdn even if the src dn and dest dn are identical */
( 0 != slapi_sdn_compare((const Slapi_DN *)&dn_newdn,
- (const Slapi_DN *)&dn_olddn)) )
+ (const Slapi_DN *)sdn)) )
{
/* somebody must've created it between dn2entry() and here */
/* JCMREPL - Hmm... we can't permit this to happen...? */
@@ -498,7 +511,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
{
slapi_mods_init(&smods_generated,4);
slapi_mods_init(&smods_generated_wsi,4);
- ldap_result_code = moddn_newrdn_mods(pb, slapi_sdn_get_ndn(&dn_olddn),
+ ldap_result_code = moddn_newrdn_mods(pb, slapi_sdn_get_ndn(sdn),
ec, &smods_generated_wsi, is_replicated_operation);
if (ldap_result_code != LDAP_SUCCESS) {
if (ldap_result_code == LDAP_UNWILLING_TO_PERFORM)
@@ -519,7 +532,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/*
* Update parentid if we have a new superior.
*/
- if(slapi_sdn_get_dn(&dn_newsuperiordn)!=NULL) {
+ if(slapi_sdn_get_dn(dn_newsuperiordn)!=NULL) {
char buf[40]; /* Enough for an ID */
if (parententry != NULL) {
@@ -619,7 +632,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
* If the entry has a new superior then the subordinate count
* of the parents must be updated.
*/
- if(slapi_sdn_get_dn(&dn_newsuperiordn)!=NULL)
+ if(slapi_sdn_get_dn(dn_newsuperiordn)!=NULL)
{
/*
* Update the subordinate count of the parents to reflect the moved child.
@@ -652,12 +665,12 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/* JCM - This is where the subtree lock will appear */
if (entryrdn_get_switch()) /* subtree-rename: on */
{
- children = moddn_get_children(&txn, pb, be, e, &dn_olddn,
+ children = moddn_get_children(&txn, pb, be, e, sdn,
&child_entries, &child_dns);
}
else
{
- children = moddn_get_children(&txn, pb, be, e, &dn_olddn,
+ children = moddn_get_children(&txn, pb, be, e, sdn,
&child_entries, NULL);
}
@@ -781,7 +794,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
}
}
}
- if (slapi_sdn_get_dn(&dn_newsuperiordn)!=NULL)
+ if (slapi_sdn_get_dn(dn_newsuperiordn)!=NULL)
{
/* Push out the db modifications from the parent entry */
retval = modify_update_all(be, pb, &parent_modify_context, &txn);
@@ -826,8 +839,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/*
* Update ancestorid index.
*/
- if (slapi_sdn_get_dn(&dn_newsuperiordn)!=NULL) {
- retval = ldbm_ancestorid_move_subtree(be, &dn_olddn, &dn_newdn, e->ep_id, children, &txn);
+ if (slapi_sdn_get_dn(dn_newsuperiordn)!=NULL) {
+ retval = ldbm_ancestorid_move_subtree(be, sdn, &dn_newdn, e->ep_id, children, &txn);
if (retval != 0) {
if (retval == DB_LOCK_DEADLOCK) continue;
if (retval == DB_RUNRECOVERY || LDBM_OS_ERR_IS_DISKFULL(retval))
@@ -844,9 +857,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
{
Slapi_RDN newsrdn;
slapi_rdn_init_sdn(&newsrdn, (const Slapi_DN *)&dn_newdn);
- rc = entryrdn_rename_subtree(be,
- (const Slapi_DN *)&dn_olddn, &newsrdn,
- (const Slapi_DN *)&dn_newsuperiordn,
+ rc = entryrdn_rename_subtree(be, (const Slapi_DN *)sdn, &newsrdn,
+ (const Slapi_DN *)dn_newsuperiordn,
e->ep_id, &txn);
slapi_rdn_done(&newsrdn);
if (rc) {
@@ -861,7 +873,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
*/
if (!entryrdn_get_switch() && children) /* subtree-rename: off */
{
- retval= moddn_rename_children(&txn, pb, be, children, &dn_olddn,
+ retval= moddn_rename_children(&txn, pb, be, children, sdn,
&dn_newdn, child_entries);
}
if (DB_LOCK_DEADLOCK == retval)
@@ -1100,10 +1112,8 @@ common_return:
if (ldap_result_matcheddn && 0 != strcmp(ldap_result_matcheddn, "NULL"))
slapi_ch_free((void**)&ldap_result_matcheddn);
idl_free(children);
- slapi_sdn_done(&dn_olddn);
slapi_sdn_done(&dn_newdn);
slapi_sdn_done(&dn_newrdn);
- slapi_sdn_done(&dn_newsuperiordn);
slapi_sdn_done(&dn_parentdn);
modify_term(&parent_modify_context,be);
modify_term(&newparent_modify_context,be);
@@ -1118,7 +1128,8 @@ common_return:
slapi_ch_free((void**)&errbuf);
if (retval == 0 && opcsn != NULL && !is_fixup_operation)
{
- slapi_pblock_set(pb, SLAPI_URP_NAMING_COLLISION_DN, slapi_ch_strdup (dn));
+ slapi_pblock_set(pb, SLAPI_URP_NAMING_COLLISION_DN,
+ slapi_ch_strdup(slapi_sdn_get_dn(sdn)));
}
if (pb->pb_conn)
{
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c
index 66ec886..91b0280 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_search.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c
@@ -159,7 +159,6 @@ ldbm_back_search_cleanup(Slapi_PBlock *pb,
int ldap_result,
char* ldap_result_description,
int function_result,
- Slapi_DN *sdn,
struct vlv_request *vlv_request_control,
struct backentry *e)
{
@@ -192,7 +191,6 @@ ldbm_back_search_cleanup(Slapi_PBlock *pb,
delete_search_result_set(&sr);
}
}
- slapi_sdn_done(sdn);
if (vlv_request_control)
{
berval_done(&vlv_request_control->value);
@@ -218,8 +216,8 @@ ldbm_back_search( Slapi_PBlock *pb )
struct ldbminfo *li;
struct backentry *e;
IDList *candidates= NULL;
- char *base;
- Slapi_DN basesdn;
+ const char *base;
+ Slapi_DN *basesdn = NULL;
int scope;
LDAPControl **controls = NULL;
Slapi_Operation *operation;
@@ -254,7 +252,7 @@ ldbm_back_search( Slapi_PBlock *pb )
slapi_pblock_get( pb, SLAPI_BACKEND, &be );
slapi_pblock_get( pb, SLAPI_OPERATION, &operation);
slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &li );
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &basesdn );
slapi_pblock_get( pb, SLAPI_TARGET_ADDRESS, &addr);
slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope );
slapi_pblock_get( pb, SLAPI_REQCONTROLS, &controls );
@@ -263,7 +261,13 @@ ldbm_back_search( Slapi_PBlock *pb )
inst = (ldbm_instance *) be->be_instance_info;
- slapi_sdn_init_dn_ndn_byref(&basesdn,base); /* normalized by front end*/
+ if (NULL == basesdn) {
+ slapi_send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "Null target DN", 0, NULL );
+ return( -1 );
+ }
+ base = slapi_sdn_get_dn(basesdn);
+
/* Initialize the result set structure here because we need to use it during search processing */
/* Beware that if we exit this routine sideways, we might leak this structure */
sr = new_search_result_set( NULL, 0,
@@ -285,8 +289,7 @@ ldbm_back_search( Slapi_PBlock *pb )
/* Badly formed SORT control */
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_PROTOCOL_ERROR, "Sort Control",
- SLAPI_FAIL_GENERAL, &basesdn,
- NULL, NULL);
+ SLAPI_FAIL_GENERAL, NULL, NULL);
}
/* set this operation includes the server side sorting */
operation->o_flags |= OP_FLAG_SERVER_SIDE_SORTING;
@@ -303,8 +306,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
/* Badly formed VLV control */
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, "VLV Control",
- SLAPI_FAIL_GENERAL, &basesdn,
+ r, "VLV Control", SLAPI_FAIL_GENERAL,
&vlv_request_control, NULL);
}
{
@@ -325,8 +327,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
/* Client isn't allowed to do this. */
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, "VLV Control",
- SLAPI_FAIL_GENERAL, &basesdn,
+ r, "VLV Control", SLAPI_FAIL_GENERAL,
&vlv_request_control, NULL);
}
}
@@ -341,8 +342,7 @@ ldbm_back_search( Slapi_PBlock *pb )
/* Can't have a VLV control without a SORT control */
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_SORT_CONTROL_MISSING, "VLV Control",
- SLAPI_FAIL_GENERAL, &basesdn,
- &vlv_request_control, NULL);
+ SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
}
}
}
@@ -395,15 +395,13 @@ ldbm_back_search( Slapi_PBlock *pb )
{
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_UNWILLING_TO_PERFORM, ctrlstr,
- SLAPI_FAIL_GENERAL, &basesdn,
- &vlv_request_control, NULL);
+ SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
}
else
{
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_VIRTUAL_LIST_VIEW_ERROR, ctrlstr,
- SLAPI_FAIL_GENERAL, &basesdn,
- &vlv_request_control, NULL);
+ SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
}
}
else
@@ -418,8 +416,7 @@ ldbm_back_search( Slapi_PBlock *pb )
sort_make_sort_response_control(pb, LDAP_UNWILLING_TO_PERFORM, NULL);
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_UNAVAILABLE_CRITICAL_EXTENSION, ctrlstr,
- SLAPI_FAIL_GENERAL, &basesdn,
- &vlv_request_control, NULL);
+ SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
}
else /* vlv and sorting are not critical, so ignore the control */
{
@@ -453,7 +450,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
/* error or referral sent by find_entry */
return ldbm_back_search_cleanup(pb, li, sort_control,
- -1, NULL, 1, &basesdn, &vlv_request_control, NULL);
+ -1, NULL, 1, &vlv_request_control, NULL);
}
}
@@ -478,21 +475,20 @@ ldbm_back_search( Slapi_PBlock *pb )
*/
if ((NULL != controls) && (sort) && (vlv)) {
/* This candidate list is for vlv, no need for sort only. */
- switch (vlv_search_build_candidate_list(pb, &basesdn, &vlv_rc,
+ switch (vlv_search_build_candidate_list(pb, basesdn, &vlv_rc,
sort_control,
(vlv ? &vlv_request_control : NULL),
&candidates, &vlv_response_control)) {
case VLV_ACCESS_DENIED:
return ldbm_back_search_cleanup(pb, li, sort_control,
vlv_rc, "VLV Control",
- SLAPI_FAIL_GENERAL, &basesdn,
+ SLAPI_FAIL_GENERAL,
&vlv_request_control, e);
case VLV_BLD_LIST_FAILED:
return ldbm_back_search_cleanup(pb, li, sort_control,
vlv_response_control.result,
NULL, SLAPI_FAIL_GENERAL,
- &basesdn, &vlv_request_control,
- e);
+ &vlv_request_control, e);
case LDAP_SUCCESS:
/* Log to the access log the particulars of this sort request */
@@ -513,7 +509,6 @@ ldbm_back_search( Slapi_PBlock *pb )
LDAP_OPERATIONS_ERROR,
"Sort Response Control",
SLAPI_FAIL_GENERAL,
- &basesdn,
&vlv_request_control, e);
}
}
@@ -526,7 +521,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
/* Error result sent by build_candidate_list */
return ldbm_back_search_cleanup(pb, li, sort_control, -1,
- NULL, rc, &basesdn,
+ NULL, rc,
&vlv_request_control, e);
}
/*
@@ -559,7 +554,7 @@ ldbm_back_search( Slapi_PBlock *pb )
IDList *idl = NULL;
Slapi_Filter *filter = NULL;
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter );
- r = vlv_filter_candidates(be, pb, candidates, &basesdn,
+ r = vlv_filter_candidates(be, pb, candidates, basesdn,
scope, filter, &idl,
lookthrough_limit, time_up);
if(r == 0)
@@ -570,7 +565,7 @@ ldbm_back_search( Slapi_PBlock *pb )
else
{
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, NULL, -1, &basesdn,
+ r, NULL, -1,
&vlv_request_control, e);
}
}
@@ -589,7 +584,7 @@ ldbm_back_search( Slapi_PBlock *pb )
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_PROTOCOL_ERROR,
"Sort Response Control", -1,
- &basesdn, &vlv_request_control, e);
+ &vlv_request_control, e);
}
}
else
@@ -630,7 +625,6 @@ ldbm_back_search( Slapi_PBlock *pb )
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_PROTOCOL_ERROR,
"Sort Control", -1,
- &basesdn,
&vlv_request_control, e);
case LDAP_UNWILLING_TO_PERFORM: /* Too hard */
case LDAP_OPERATIONS_ERROR: /* Operation error */
@@ -673,7 +667,7 @@ ldbm_back_search( Slapi_PBlock *pb )
return ldbm_back_search_cleanup(pb, li, sort_control,
(abandoned?-1:LDAP_PROTOCOL_ERROR),
"Sort Response Control", -1,
- &basesdn, &vlv_request_control, e);
+ &vlv_request_control, e);
}
}
}
@@ -700,7 +694,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
return ldbm_back_search_cleanup(pb, li, sort_control,
vlv_response_control.result,
- NULL, -1, &basesdn,
+ NULL, -1,
&vlv_request_control, e);
}
}
@@ -720,7 +714,7 @@ ldbm_back_search( Slapi_PBlock *pb )
return ldbm_back_search_cleanup(pb, li, sort_control,
(abandoned?-1:LDAP_PROTOCOL_ERROR),
"VLV Response Control", -1,
- &basesdn, &vlv_request_control, e);
+ &vlv_request_control, e);
}
/* Log the VLV operation */
vlv_print_access_log(pb,&vlv_request_control,&vlv_response_control);
@@ -783,7 +777,7 @@ ldbm_back_search( Slapi_PBlock *pb )
/* Fix for bugid #394184, SD, 05 Jul 00 */
/* tmp_err == -1: no error */
return ldbm_back_search_cleanup(pb, li, sort_control, tmp_err, tmp_desc,
- (tmp_err == -1 ? 0 : -1), &basesdn,
+ (tmp_err == -1 ? 0 : -1),
&vlv_request_control, NULL);
/* end Fix for bugid #394184 */
}
@@ -1205,7 +1199,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
int managedsait;
Slapi_Attr *attr;
Slapi_Filter *filter;
- char *base;
+ const char *base;
back_search_result_set *sr;
ID id;
struct backentry *e;
@@ -1214,7 +1208,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
int tlimit, llimit, slimit, isroot;
struct berval **urls = NULL;
int err;
- Slapi_DN basesdn = {0};
+ Slapi_DN *basesdn = NULL;
char *target_uniqueid;
int rc = 0;
int estimate = 0; /* estimated search result count */
@@ -1225,7 +1219,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope );
slapi_pblock_get( pb, SLAPI_MANAGEDSAIT, &managedsait );
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter );
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &basesdn );
slapi_pblock_get( pb, SLAPI_NENTRIES, &nentries );
slapi_pblock_get( pb, SLAPI_SEARCH_SIZELIMIT, &slimit );
slapi_pblock_get( pb, SLAPI_SEARCH_TIMELIMIT, &tlimit );
@@ -1240,6 +1234,13 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
goto bail;
}
+ if (NULL == basesdn) {
+ slapi_send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "Null target DN", 0, NULL );
+ return( -1 );
+ }
+ base = slapi_sdn_get_dn(basesdn);
+
if (sr->sr_current_sizelimit >= 0) {
/*
* sr_current_sizelimit contains the current sizelimit.
@@ -1254,7 +1255,10 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
inst = (ldbm_instance *) be->be_instance_info;
- slapi_sdn_init_dn_ndn_byref(&basesdn,base); /* normalized by front end */
+ if (NULL == basesdn) {
+ basesdn = slapi_sdn_new_normdn_byref(base);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, basesdn);
+ }
/* Return to the cache the entry we handed out last time */
/* If we are using the extension, the front end will tell
* us when to do this so we don't do it now */
@@ -1399,7 +1403,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
char ebuf[ BUFSIZ ];
LDAPDebug( LDAP_DEBUG_ANY, "null ref in (%s)\n", escape_string( backentry_get_ndn(e), ebuf ), 0, 0 );
}
- else if ( slapi_sdn_scope_test( backentry_get_sdn(e), &basesdn, scope ))
+ else if ( slapi_sdn_scope_test( backentry_get_sdn(e), basesdn, scope ))
{
if ( use_extension ) {
slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY_EXT, e );
@@ -1473,7 +1477,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
* just forget about it, since we don't want to return anything at all. */
{
if ( slapi_uniqueIDCompareString(target_uniqueid, e->ep_entry->e_uniqueid) ||
- slapi_sdn_scope_test( backentry_get_sdn(e), &basesdn, scope ))
+ slapi_sdn_scope_test( backentry_get_sdn(e), basesdn, scope ))
{
/* check size limit */
if ( slimit >= 0 )
@@ -1540,7 +1544,6 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
}
}
bail:
- slapi_sdn_done(&basesdn);
return rc;
}
diff --git a/ldap/servers/slapd/back-ldbm/ldif2ldbm.c b/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
index 4427a43..f6c3ce6 100644
--- a/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
+++ b/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
@@ -137,29 +137,18 @@ int ldbm_back_fetch_incl_excl(Slapi_PBlock *pb, char ***include,
char ***exclude)
{
char **pb_incl, **pb_excl;
- char subtreeDn[BUFSIZ];
- char *normSubtreeDn;
- int i;
slapi_pblock_get(pb, SLAPI_LDIF2DB_INCLUDE, &pb_incl);
slapi_pblock_get(pb, SLAPI_LDIF2DB_EXCLUDE, &pb_excl);
+ if ((NULL == include) || (NULL == exclude)) {
+ return 0;
+ }
*include = *exclude = NULL;
- /* normalize */
- if (pb_excl) {
- for (i = 0; pb_excl[i]; i++) {
- PL_strncpyz(subtreeDn, pb_excl[i], sizeof(subtreeDn));
- normSubtreeDn = slapi_dn_normalize_case(subtreeDn);
- charray_add(exclude, slapi_ch_strdup(normSubtreeDn));
- }
- }
- if (pb_incl) {
- for (i = 0; pb_incl[i]; i++) {
- PL_strncpyz(subtreeDn, pb_incl[i], sizeof(subtreeDn));
- normSubtreeDn = slapi_dn_normalize_case(subtreeDn);
- charray_add(include, slapi_ch_strdup(normSubtreeDn));
- }
- }
+ /* pb_incl/excl are both normalized */
+ *exclude = slapi_ch_array_dup(pb_excl);
+ *include = slapi_ch_array_dup(pb_incl);
+
return (pb_incl || pb_excl);
}
@@ -250,7 +239,8 @@ int add_op_attrs(Slapi_PBlock *pb, struct ldbminfo *li, struct backentry *ep,
* caller via the status parameter.
*/
if (entryrdn_get_switch()) { /* subtree-rename: on */
- Slapi_DN sdn = {0};;
+ Slapi_DN sdn;
+ slapi_sdn_init(&sdn);
slapi_sdn_set_dn_byval(&sdn, pdn);
err = entryrdn_index_read(be, &sdn, &pid, NULL);
slapi_sdn_done(&sdn);
@@ -656,8 +646,10 @@ int ldbm_back_ldif2ldbm( Slapi_PBlock *pb )
/* initialize UniqueID generator - must be done once backends are started
and event queue is initialized but before plugins are started */
/* This dn is normalize. */
- Slapi_DN *sdn = slapi_sdn_new_dn_byval ("cn=uniqueid generator,cn=config");
- int rc = uniqueIDGenInit (NULL, sdn, 0 /* use single thread mode */);
+ Slapi_DN *sdn =
+ slapi_sdn_new_ndn_byref ("cn=uniqueid generator,cn=config");
+ int rc = uniqueIDGenInit (NULL, sdn /*const*/,
+ 0 /* use single thread mode */);
slapi_sdn_free (&sdn);
if (rc != UID_SUCCESS) {
LDAPDebug( LDAP_DEBUG_ANY,
@@ -783,9 +775,10 @@ static IDList *ldbm_fetch_subtrees(backend *be, char **include, int *err)
IDList *idltotal = NULL, *idltmp;
back_txn *txn = NULL;
struct berval bv;
- Slapi_DN sdn = {0}; /* Valid only if entryrdn_get_switch is true */
+ Slapi_DN sdn; /* Used only if entryrdn_get_switch is true */
*err = 0;
+ slapi_sdn_init(&sdn);
/* for each subtree spec... */
for (i = 0; include[i]; i++) {
IDList *idl = NULL;
@@ -794,6 +787,7 @@ static IDList *ldbm_fetch_subtrees(backend *be, char **include, int *err)
char *nextdn = NULL;
int matched = 0;
int issubsuffix = 0;
+
/*
* avoid a case that an include suffix is applied to the backend of
* its sub suffix
@@ -848,7 +842,6 @@ static IDList *ldbm_fetch_subtrees(backend *be, char **include, int *err)
if (entryrdn_get_switch()) { /* subtree-rename: on */
slapi_sdn_set_dn_byval(&sdn, include[i]);
*err = entryrdn_index_read(be, &sdn, &id, NULL);
- slapi_sdn_done(&sdn);
if (*err) {
if (DB_NOTFOUND == *err) {
LDAPDebug2Args(LDAP_DEBUG_ANY,
@@ -861,6 +854,7 @@ static IDList *ldbm_fetch_subtrees(backend *be, char **include, int *err)
"Reading %s failed on entryrdn; %d\n",
include[i], *err );
}
+ slapi_sdn_done(&sdn);
continue;
}
} else {
@@ -895,6 +889,7 @@ static IDList *ldbm_fetch_subtrees(backend *be, char **include, int *err)
} else {
*err = ldbm_ancestorid_read(be, txn, id, &idl);
}
+ slapi_sdn_done(&sdn);
if (idl == NULL) {
if (DB_NOTFOUND == *err) {
LDAPDebug(LDAP_DEBUG_ANY,
@@ -924,7 +919,7 @@ static IDList *ldbm_fetch_subtrees(backend *be, char **include, int *err)
idl_free(idl);
idltotal = idltmp;
}
- }
+ } /* for (i = 0; include[i]; i++) */
return idltotal;
}
@@ -1423,7 +1418,6 @@ ldbm_back_ldbm2ldif( Slapi_PBlock *pb )
ep = backentry_alloc();
if (entryrdn_get_switch()) {
char *rdn = NULL;
- int rc = 0;
/* rdn is allocated in get_value_from_string */
rc = get_value_from_string((const char *)data.dptr, "rdn", &rdn);
@@ -1900,9 +1894,9 @@ ldbm_back_ldbm2index(Slapi_PBlock *pb)
/* create suffix list */
for (vlvidx = 0; vlvidx < numvlv; vlvidx++) {
- char *s = slapi_ch_strdup(slapi_sdn_get_dn(vlvIndex_getBase(pvlv[vlvidx])));
-
- s = slapi_dn_normalize_case(s);
+ char *s =
+ slapi_ch_strdup(slapi_sdn_get_ndn(vlvIndex_getBase(pvlv[vlvidx])));
+ /* 's' is passed in */
charray_add(&suffix_list, s);
}
idl = ldbm_fetch_subtrees(be, suffix_list, &err);
@@ -3448,8 +3442,7 @@ bail:
* Update old DN format in entrydn and the leaf attr value to the new one
*
* The implementation would be similar to the upgradedb for new idl.
- * Scan each entry, checking the entrydn value with the result of
- * slapi_dn_normalize_ext_case(dn).
+ * Scan each entry, checking the entrydn value with the normalized dn.
* If they don't match,
* replace the old entrydn value with the new one in the entry
* in id2entry.db4.
diff --git a/ldap/servers/slapd/back-ldbm/misc.c b/ldap/servers/slapd/back-ldbm/misc.c
index 6e350c9..78f1ed3 100644
--- a/ldap/servers/slapd/back-ldbm/misc.c
+++ b/ldap/servers/slapd/back-ldbm/misc.c
@@ -425,7 +425,8 @@ ldbm_txn_ruv_modify_context( Slapi_PBlock *pb, modify_context *mc )
slapi_pblock_get( pb, SLAPI_BACKEND, &be);
- bentry_addr.dn = NULL;
+ bentry_addr.sdn = NULL;
+ bentry_addr.udn = NULL;
bentry_addr.uniqueid = uniqueid;
/* Note: if we find the bentry, it will stay locked until someone calls
diff --git a/ldap/servers/slapd/back-ldbm/vlv_srch.c b/ldap/servers/slapd/back-ldbm/vlv_srch.c
index c160507..d7e28c1 100644
--- a/ldap/servers/slapd/back-ldbm/vlv_srch.c
+++ b/ldap/servers/slapd/back-ldbm/vlv_srch.c
@@ -189,7 +189,7 @@ vlvSearch_init(struct vlvSearch* p, Slapi_PBlock *pb, const Slapi_Entry *e, ldbm
slapi_pblock_set(pb, SLAPI_PLUGIN, inst->inst_be->be_database);
slapi_pblock_get(pb, SLAPI_TXN, &txn.back_txn_txn);
- addr.dn = (char*)slapi_sdn_get_ndn (p->vlv_base);
+ addr.sdn = p->vlv_base;
addr.uniqueid = NULL;
e = find_entry( pb, inst->inst_be, &addr, &txn );
/* Check to see if the entry is absent. If it is, mark this search
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index 9670de2..12d6650 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -124,12 +124,13 @@ do_bind( Slapi_PBlock *pb )
int auth_response_requested = 0;
int pw_response_requested = 0;
char *rawdn = NULL;
- char *dn = NULL, *saslmech = NULL;
+ const char *dn = NULL;
+ char *saslmech = NULL;
struct berval cred = {0};
Slapi_Backend *be = NULL;
ber_tag_t ber_rc;
int rc = 0;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_Entry *referral;
char errorbuf[BUFSIZ];
char **supported, **pmech;
@@ -137,8 +138,6 @@ do_bind( Slapi_PBlock *pb )
Slapi_Entry *bind_target_entry = NULL;
int auto_bind = 0;
int minssf = 0;
- char *test_bind_dn = NULL;
- size_t dnlen = 0;
LDAPDebug( LDAP_DEBUG_TRACE, "do_bind\n", 0, 0, 0 );
@@ -174,7 +173,7 @@ do_bind( Slapi_PBlock *pb )
return;
}
/* Check if we should be performing strict validation. */
- if (config_get_dn_validate_strict()) {
+ if (rawdn && config_get_dn_validate_strict()) {
/* check that the dn is formatted correctly */
rc = slapi_dn_syntax_check(pb, rawdn, 1);
if (rc) { /* syntax check failed */
@@ -186,27 +185,21 @@ do_bind( Slapi_PBlock *pb )
return;
}
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "BIND", rawdn?rawdn:"",
- "invalid bind dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid bind dn", 0, NULL);
- slapi_ch_free_string(&rawdn);
+ sdn = slapi_sdn_new_dn_passin(rawdn);
+ dn = slapi_sdn_get_dn(sdn);
+ if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "BIND", rawdn, "invalid bind dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid bind dn", 0, NULL);
+ slapi_sdn_free(&sdn);
return;
- } else if (rc > 0) { /* if rc == 0, rawdn is passed in */
- slapi_ch_free_string(&rawdn);
- } else { /* rc == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
}
-
- slapi_sdn_init_dn_passin(&sdn, dn);
-
LDAPDebug( LDAP_DEBUG_TRACE, "BIND dn=\"%s\" method=%d version=%d\n",
- dn, method, version );
+ dn?dn:"empty", method, version );
/* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (pb->pb_op, &sdn);
+ operation_set_target_spec (pb->pb_op, sdn);
switch ( method ) {
case LDAP_AUTH_SASL:
@@ -214,7 +207,7 @@ do_bind( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY,
"got SASL credentials from LDAPv2 client\n",
0, 0, 0 );
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method, version, saslmech, "SASL credentials only in LDAPv3");
+ log_bind_access (pb, dn?dn:"empty", method, version, saslmech, "SASL credentials only in LDAPv3");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"SASL credentials only in LDAPv3", 0, NULL );
goto free_and_return;
@@ -243,7 +236,7 @@ do_bind( Slapi_PBlock *pb )
"LDAPv2-style kerberos authentication received "
"on LDAPv3 connection.";
LDAPDebug( LDAP_DEBUG_ANY, kmsg, 0, 0, 0 );
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method, version, saslmech, kmsg);
+ log_bind_access (pb, dn?dn:"empty", method, version, saslmech, kmsg);
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
kmsg, 0, NULL );
goto free_and_return;
@@ -256,7 +249,7 @@ do_bind( Slapi_PBlock *pb )
}
break;
default:
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method, version, saslmech, "Unknown bind method");
+ log_bind_access (pb, dn?dn:"empty", method, version, saslmech, "Unknown bind method");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"Unknown bind method", 0, NULL );
goto free_and_return;
@@ -265,7 +258,7 @@ do_bind( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY,
"ber_scanf failed (op=Bind; params=Credentials)\n",
0, 0, 0 );
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method, version, saslmech, "decoding error");
+ log_bind_access (pb, dn?dn:"empty", method, version, saslmech, "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"decoding error", 0, NULL );
goto free_and_return;
@@ -284,7 +277,7 @@ do_bind( Slapi_PBlock *pb )
if (( err = get_ldapmessage_controls( pb, ber, &reqctrls ))
!= 0 ) {
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method,
+ log_bind_access (pb, dn?dn:"empty", method,
version, saslmech, "failed to parse LDAP controls");
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
@@ -316,8 +309,8 @@ do_bind( Slapi_PBlock *pb )
{
auto_bind = 1; /* flag the bind method */
dn = slapi_ch_strdup(pb->pb_conn->c_dn);
- slapi_sdn_done(&sdn);
- slapi_sdn_init_dn_passin(&sdn,dn);
+ slapi_sdn_free(&sdn);
+ sdn = slapi_sdn_new_dn_passin(dn);
}
}
#endif /* ENABLE_AUTOBIND */
@@ -330,7 +323,7 @@ do_bind( Slapi_PBlock *pb )
pb->pb_conn->c_needpw = 0;
PR_Unlock( pb->pb_conn->c_mutex );
- log_bind_access(pb, dn, method, version, saslmech, NULL);
+ log_bind_access(pb, dn?dn:"empty", method, version, saslmech, NULL);
switch ( version ) {
case LDAP_VERSION2:
@@ -372,9 +365,9 @@ do_bind( Slapi_PBlock *pb )
version, method, dn );
pb->pb_conn->c_ldapversion = version;
- isroot = slapi_dn_isroot( slapi_sdn_get_ndn(&sdn) );
+ isroot = slapi_dn_isroot( slapi_sdn_get_ndn(sdn) );
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &isroot );
- slapi_pblock_set( pb, SLAPI_BIND_TARGET, (void*)slapi_sdn_get_ndn(&sdn) );
+ slapi_pblock_set( pb, SLAPI_BIND_TARGET_SDN, (void*)sdn );
slapi_pblock_set( pb, SLAPI_BIND_METHOD, &method );
slapi_pblock_set( pb, SLAPI_BIND_SASLMECHANISM, saslmech );
slapi_pblock_set( pb, SLAPI_BIND_CREDENTIALS, &cred );
@@ -613,9 +606,9 @@ do_bind( Slapi_PBlock *pb )
slapi_value_init_berval(&cv,&cred);
/* right dn and passwd - authorize */
- if ( is_root_dn_pw( slapi_sdn_get_ndn(&sdn), &cv )) {
+ if ( is_root_dn_pw( slapi_sdn_get_ndn(sdn), &cv )) {
bind_credentials_set( pb->pb_conn, SLAPD_AUTH_SIMPLE,
- slapi_ch_strdup( slapi_sdn_get_ndn(&sdn) ),
+ slapi_ch_strdup( slapi_sdn_get_ndn(sdn) ),
NULL, NULL, NULL , NULL);
/* right dn, wrong passwd - reject with invalid creds */
@@ -635,7 +628,7 @@ do_bind( Slapi_PBlock *pb )
if ( auth_response_requested ) {
slapi_add_auth_response_control( pb,
( cred.bv_len == 0 ) ? "" :
- slapi_sdn_get_ndn(&sdn));
+ slapi_sdn_get_ndn(sdn));
}
send_ldap_result( pb, LDAP_SUCCESS, NULL, NULL, 0, NULL );
@@ -687,7 +680,7 @@ do_bind( Slapi_PBlock *pb )
/* get the entry now, so that we can give it to slapi_check_account_lock and reslimit_update_from_dn */
if (! slapi_be_is_flag_set(be, SLAPI_BE_FLAG_REMOTE_DATA)) {
- bind_target_entry = get_entry(pb, slapi_sdn_get_ndn(&sdn));
+ bind_target_entry = get_entry(pb, slapi_sdn_get_ndn(sdn));
rc = slapi_check_account_lock ( pb, bind_target_entry, pw_response_requested, 1, 1);
}
@@ -730,11 +723,11 @@ do_bind( Slapi_PBlock *pb )
if(!auto_bind)
bind_credentials_set( pb->pb_conn,
authtype, slapi_ch_strdup(
- slapi_sdn_get_ndn(&sdn)),
+ slapi_sdn_get_ndn(sdn)),
NULL, NULL, NULL, bind_target_entry );
if ( auth_response_requested ) {
slapi_add_auth_response_control( pb,
- slapi_sdn_get_ndn(&sdn));
+ slapi_sdn_get_ndn(sdn));
}
} else { /* anonymous */
/* set bind creds here so anonymous limits are set */
@@ -803,16 +796,12 @@ do_bind( Slapi_PBlock *pb )
free_and_return:;
if (be)
slapi_be_Unlock(be);
- slapi_pblock_get(pb, SLAPI_BIND_TARGET, &test_bind_dn);
- if (test_bind_dn != slapi_sdn_get_ndn(&sdn)) {
- /* set in sasl bind or some other bind plugin */
- slapi_ch_free_string(&test_bind_dn);
- }
- slapi_sdn_done(&sdn);
+ slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
slapi_ch_free_string( &saslmech );
slapi_ch_free( (void **)&cred.bv_val );
- if ( bind_target_entry != NULL )
- slapi_entry_free(bind_target_entry);
+ if ( bind_target_entry != NULL )
+ slapi_entry_free(bind_target_entry);
}
diff --git a/ldap/servers/slapd/bulk_import.c b/ldap/servers/slapd/bulk_import.c
index 717ff47..cb35988 100644
--- a/ldap/servers/slapd/bulk_import.c
+++ b/ldap/servers/slapd/bulk_import.c
@@ -67,7 +67,7 @@ static int process_bulk_import_op (Slapi_PBlock *pb, int state, Slapi_Entry *e);
SLAPI_CONNECTION -- connection over which bulk import is coming
SLAPI_BACKEND -- the backend being imported
or
- SLAPI_TARGET_DN that contains root of the imported area.
+ SLAPI_TARGET_SDN that contains root of the imported area.
The function returns LDAP_SUCCESS or LDAP error code
*/
@@ -80,7 +80,7 @@ int slapi_start_bulk_import (Slapi_PBlock *pb)
SLAPI_CONNECTION -- connection over which bulk import is coming
SLAPI_BACKEND -- the backend being imported
or
- SLAPI_TARGET_DN that contains root of the imported area.
+ SLAPI_TARGET_SDN that contains root of the imported area.
The function returns LDAP_SUCCESS or LDAP error code
*/
int slapi_stop_bulk_import (Slapi_PBlock *pb)
@@ -103,9 +103,7 @@ process_bulk_import_op (Slapi_PBlock *pb, int state, Slapi_Entry *e)
{
int rc;
Slapi_Backend *be = NULL;
- char *dn = NULL;
- Slapi_DN sdn;
- const Slapi_DN *target_sdn = NULL;
+ Slapi_DN *target_sdn = NULL;
if (pb == NULL)
{
@@ -125,29 +123,27 @@ process_bulk_import_op (Slapi_PBlock *pb, int state, Slapi_Entry *e)
/* try to get dn to select backend */
if (e)
{
- target_sdn = slapi_entry_get_sdn_const (e);
- be = slapi_be_select (target_sdn);
+ target_sdn = slapi_entry_get_sdn(e);
}
else
{
- slapi_sdn_init(&sdn);
- slapi_pblock_get (pb, SLAPI_TARGET_DN, &dn);
- if (dn)
- {
- slapi_sdn_init_dn_byref(&sdn, dn);
- be = slapi_be_select (&sdn);
- target_sdn = &sdn;
+ slapi_pblock_get (pb, SLAPI_TARGET_SDN, &target_sdn);
+ if (NULL == target_sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "process_bulk_import_op: NULL target sdn\n");
+ return LDAP_OPERATIONS_ERROR;
}
}
+ be = slapi_be_select (target_sdn);
if (be)
{
- if (state == SLAPI_BI_STATE_START && (!slapi_be_issuffix(be, target_sdn)))
- {
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
- "process_bulk_import_op: wrong backend suffix\n");
- return LDAP_OPERATIONS_ERROR;
- }
+ if (state == SLAPI_BI_STATE_START && (!slapi_be_issuffix(be, target_sdn)))
+ {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "process_bulk_import_op: wrong backend suffix\n");
+ return LDAP_OPERATIONS_ERROR;
+ }
slapi_pblock_set (pb, SLAPI_BACKEND, be);
}
else
@@ -155,9 +151,6 @@ process_bulk_import_op (Slapi_PBlock *pb, int state, Slapi_Entry *e)
slapi_log_error(SLAPI_LOG_FATAL, NULL, "process_bulk_import_op: NULL backend\n");
return LDAP_OPERATIONS_ERROR;
}
-
- if (NULL == e)
- slapi_sdn_done (&sdn);
}
if (be->be_wire_import == NULL)
diff --git a/ldap/servers/slapd/charray.c b/ldap/servers/slapd/charray.c
index 30c64ac..1bb084f 100644
--- a/ldap/servers/slapd/charray.c
+++ b/ldap/servers/slapd/charray.c
@@ -472,3 +472,24 @@ charray_get_index(char **array, char *s)
}
return -1;
}
+
+int
+charray_normdn_add(char ***chararray, char *dn, char *errstr)
+{
+ int rc = 0;
+ size_t len = 0;
+ char *normdn = NULL;
+ rc = slapi_dn_normalize_ext(dn, 0, &normdn, &len);
+ if (rc < 0) {
+ LDAPDebug2Args(LDAP_DEBUG_ANY, "Invalid dn: \"%s\" %s\n",
+ dn, errstr?errstr:"");
+ return rc;
+ } else if (0 == rc) {
+ /* rc == 0; optarg_extawdn is passed in;
+ * not null terminated */
+ *(dn + len) = '\0';
+ normdn = slapi_ch_strdup(dn);
+ }
+ charray_add(chararray, slapi_dn_ignore_case(normdn));
+ return rc;
+}
diff --git a/ldap/servers/slapd/compare.c b/ldap/servers/slapd/compare.c
index 578d826..b5b28fb 100644
--- a/ldap/servers/slapd/compare.c
+++ b/ldap/servers/slapd/compare.c
@@ -66,8 +66,7 @@ do_compare( Slapi_PBlock *pb )
{
BerElement *ber = pb->pb_op->o_ber;
char *rawdn = NULL;
- char *dn = NULL;
- size_t len = 0;
+ const char *dn = NULL;
struct ava ava = {0};
Slapi_Backend *be = NULL;
int err;
@@ -118,18 +117,16 @@ do_compare( Slapi_PBlock *pb )
return;
}
}
- err = slapi_dn_normalize_ext(rawdn, 0, &dn, &len);
- if (err < 0) {
- op_shared_log_error_access(pb, "CMP", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free((void **) &rawdn);
- return;
- } else if (err > 0) { /* if rc == 0, rawdn is passed in */
- slapi_ch_free((void **) &rawdn);
- } else { /* rc == 0; rawdn is passed in; not null terminated */
- *(dn + len) = '\0';
- }
+ slapi_sdn_init_dn_passin(&sdn, rawdn);
+ dn = slapi_sdn_get_dn(&sdn);
+ if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "CMP", rawdn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid dn", 0, NULL);
+ slapi_sdn_done(&sdn);
+ return;
+ }
/*
* in LDAPv3 there can be optional control extensions on
* the end of an LDAPMessage. we need to read them in and
@@ -139,19 +136,17 @@ do_compare( Slapi_PBlock *pb )
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
}
- slapi_sdn_init_dn_passin(&sdn,dn);
- dn = NULL; /* do not free - sdn owns it now */
/* target spec is used to decide which plugins are applicable for the operation */
operation_set_target_spec (pb->pb_op, &sdn);
LDAPDebug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s)\n",
- dn, ava.ava_type, 0 );
+ rawdn, ava.ava_type, 0 );
slapi_log_access( LDAP_DEBUG_STATS,
"conn=%" NSPRIu64 " op=%d CMP dn=\"%s\" attr=\"%s\"\n",
pb->pb_conn->c_connid, pb->pb_op->o_opid,
- escape_string( dn, ebuf ), ava.ava_type );
+ escape_string( rawdn, ebuf ), ava.ava_type );
/*
* We could be serving multiple database backends. Select the
@@ -188,7 +183,9 @@ do_compare( Slapi_PBlock *pb )
isroot = pb->pb_op->o_isroot;
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &isroot );
- slapi_pblock_set( pb, SLAPI_COMPARE_TARGET, (void*)slapi_sdn_get_ndn(&sdn) );
+ /* EXCEPTION: compare target does not allocate memory. */
+ /* target never be modified by plugins. */
+ slapi_pblock_set( pb, SLAPI_COMPARE_TARGET_SDN, (void*)&sdn );
slapi_pblock_set( pb, SLAPI_COMPARE_TYPE, ava.ava_type);
slapi_pblock_set( pb, SLAPI_COMPARE_VALUE, &ava.ava_value );
/*
@@ -216,6 +213,5 @@ free_and_return:;
if (be)
slapi_be_Unlock(be);
slapi_sdn_done(&sdn);
- slapi_ch_free_string(&dn);
ava_done( &ava );
}
diff --git a/ldap/servers/slapd/delete.c b/ldap/servers/slapd/delete.c
index fa7dbe3..693efa1 100644
--- a/ldap/servers/slapd/delete.c
+++ b/ldap/servers/slapd/delete.c
@@ -72,8 +72,6 @@ do_delete( Slapi_PBlock *pb )
Slapi_Operation *operation;
BerElement *ber;
char *rawdn = NULL;
- char *dn = NULL;
- size_t dnlen = 0;
int err = 0;
LDAPDebug( LDAP_DEBUG_TRACE, "do_delete\n", 0, 0, 0 );
@@ -107,22 +105,9 @@ do_delete( Slapi_PBlock *pb )
"strict: invalid dn");
send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
NULL, "invalid dn", 0, NULL);
- slapi_ch_free_string(&rawdn);
goto free_and_return;
}
}
- err = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (err < 0) {
- op_shared_log_error_access(pb, "DEL", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free_string(&rawdn);
- goto free_and_return;
- } else if (err > 0) { /* if err == 0, rawdn is passed in */
- slapi_ch_free_string(&rawdn);
- } else { /* err == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
- }
/*
* in LDAPv3 there can be optional control extensions on
@@ -130,20 +115,20 @@ do_delete( Slapi_PBlock *pb )
* pass them to the backend.
*/
if ( (err = get_ldapmessage_controls( pb, ber, NULL )) != 0 ) {
- op_shared_log_error_access (pb, "DEL", dn, "decoding error");
+ op_shared_log_error_access (pb, "DEL", rawdn, "decoding error");
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
}
- LDAPDebug( LDAP_DEBUG_ARGS, "do_delete: dn (%s)\n", dn, 0, 0 );
-
+ LDAPDebug1Arg( LDAP_DEBUG_ARGS, "do_delete: dn (%s)\n", rawdn );
+
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &pb->pb_op->o_isroot );
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn);
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, rawdn);
op_shared_delete (pb);
free_and_return:;
- slapi_ch_free ((void**)&dn);
+ slapi_ch_free ((void**)&rawdn);
}
/* This function is used to issue internal delete operation
@@ -158,7 +143,7 @@ slapi_delete_internal(const char *idn, LDAPControl **controls, int dummy)
int opresult;
pblock_init (&pb);
-
+
slapi_delete_internal_set_pb (&pb, idn, controls, NULL, plugin_get_default_component_id(), 0);
delete_internal_pb (&pb);
@@ -201,22 +186,26 @@ int slapi_delete_internal_pb (Slapi_PBlock *pb)
}
/* Initialize a pblock for a call to slapi_delete_internal_pb() */
-void slapi_delete_internal_set_pb (Slapi_PBlock *pb, const char *dn, LDAPControl **controls, const char *uniqueid,
- Slapi_ComponentId *plugin_identity, int operation_flags)
+void
+slapi_delete_internal_set_pb (Slapi_PBlock *pb,
+ const char *rawdn,
+ LDAPControl **controls, const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
{
Operation *op;
PR_ASSERT (pb != NULL);
- if (pb == NULL || dn == NULL)
+ if (pb == NULL || rawdn == NULL)
{
slapi_log_error(SLAPI_LOG_FATAL, NULL,
"slapi_delete_internal_set_pb: NULL parameter\n");
return;
}
- op = internal_operation_new(SLAPI_OPERATION_DELETE,operation_flags);
+ op = internal_operation_new(SLAPI_OPERATION_DELETE,operation_flags);
slapi_pblock_set(pb, SLAPI_OPERATION, op);
- slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET, (void*)dn);
- slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET, (void*)rawdn);
+ slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
if (uniqueid)
{
slapi_pblock_set(pb, SLAPI_TARGET_UNIQUEID, (void*)uniqueid);
@@ -259,11 +248,12 @@ static int delete_internal_pb (Slapi_PBlock *pb)
static void op_shared_delete (Slapi_PBlock *pb)
{
- char *dn;
+ char *rawdn = NULL;
+ const char *dn = NULL;
Slapi_Backend *be = NULL;
char ebuf[ BUFSIZ ];
int internal_op;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_Operation *operation;
Slapi_Entry *referral;
Slapi_Entry *ecopy = NULL;
@@ -274,15 +264,23 @@ static void op_shared_delete (Slapi_PBlock *pb)
int proxy_err = LDAP_SUCCESS;
char *errtext = NULL;
- slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET, &dn);
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET, &rawdn);
slapi_pblock_get(pb, SLAPI_OPERATION, &operation);
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
- slapi_sdn_init_dn_byref(&sdn,dn);
- slapi_pblock_set(pb, SLAPI_DELETE_TARGET, (void*)slapi_sdn_get_ndn (&sdn));
+ sdn = slapi_sdn_new_dn_byval(rawdn);
+ dn = slapi_sdn_get_dn(sdn);
+ slapi_pblock_set(pb, SLAPI_DELETE_TARGET_SDN, (void*)sdn);
+ if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "DEL", rawdn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
+ NULL, "invalid dn", 0, NULL);
+ goto free_and_return;
+ }
/* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (operation, &sdn);
+ operation_set_target_spec (operation, sdn);
/* get the proxy auth dn if the proxy auth control is present */
proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext);
@@ -299,7 +297,7 @@ static void op_shared_delete (Slapi_PBlock *pb)
slapi_log_access(LDAP_DEBUG_STATS, "conn=%" NSPRIu64 " op=%d DEL dn=\"%s\"%s\n",
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
- escape_string(dn, ebuf),
+ escape_string(slapi_sdn_get_dn(sdn), ebuf),
proxystr ? proxystr: "");
}
else
@@ -307,7 +305,7 @@ static void op_shared_delete (Slapi_PBlock *pb)
slapi_log_access(LDAP_DEBUG_ARGS, "conn=%s op=%d DEL dn=\"%s\"%s\n",
LOG_INTERNAL_OP_CON_ID,
LOG_INTERNAL_OP_OP_ID,
- escape_string(dn, ebuf),
+ escape_string(slapi_sdn_get_dn(sdn), ebuf),
proxystr ? proxystr: "");
}
}
@@ -398,6 +396,7 @@ free_and_return:
slapi_be_Unlock(be);
}
{
+ char *coldn = NULL;
Slapi_Entry *epre = NULL, *eparent = NULL;
slapi_pblock_get(pb, SLAPI_ENTRY_PRE_OP, &epre);
slapi_pblock_get(pb, SLAPI_DELETE_GLUE_PARENT_ENTRY, &eparent);
@@ -408,10 +407,12 @@ free_and_return:
}
slapi_entry_free(epre);
slapi_entry_free(eparent);
+ slapi_pblock_get(pb, SLAPI_URP_NAMING_COLLISION_DN, &coldn);
+ slapi_ch_free_string(&coldn);
}
- slapi_pblock_get(pb, SLAPI_URP_NAMING_COLLISION_DN, &dn);
- slapi_ch_free((void **)&dn);
- slapi_sdn_done(&sdn);
+
+ slapi_pblock_get(pb, SLAPI_DELETE_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
slapi_ch_free_string(&proxydn);
slapi_ch_free_string(&proxystr);
}
diff --git a/ldap/servers/slapd/dn.c b/ldap/servers/slapd/dn.c
index 1912f70..e5b9db9 100644
--- a/ldap/servers/slapd/dn.c
+++ b/ldap/servers/slapd/dn.c
@@ -190,7 +190,6 @@ substr_dn_normalize_orig( char *dn, char *end )
char *d = NULL;
char *s = NULL;
char *typestart = NULL;
- char *rdnbegin = NULL;
char *lastesc = NULL;
int gotesc = 0;
int state = B4TYPE;
@@ -231,7 +230,6 @@ substr_dn_normalize_orig( char *dn, char *end )
value_separator = NULL;
value = d;
state = ( *s == '"' ) ? INQUOTEDVALUE : INVALUE1ST;
- rdnbegin = d;
lastesc = NULL;
*d++ = *s;
}
@@ -545,6 +543,9 @@ slapi_dn_normalize_ext(char *src, size_t src_len, char **dest, size_t *dest_len)
rc = 0;
}
}
+ if (0 == src_len) { /* src == "" */
+ goto bail;
+ }
ends = src + src_len;
endd = *dest + *dest_len;
@@ -1041,7 +1042,7 @@ slapi_dn_normalize_ext(char *src, size_t src_len, char **dest, size_t *dest_len)
break;
default:
LDAPDebug( LDAP_DEBUG_ANY,
- "slapi_dn_normalize - unknown state %d\n", state, 0, 0 );
+ "slapi_dn_normalize_ext - unknown state %d\n", state, 0, 0 );
break;
}
}
@@ -1116,6 +1117,39 @@ slapi_create_dn_string(const char *fmt, ...)
return dest;
}
+char *
+slapi_create_rdn_value(const char *fmt, ...)
+{
+ char *src = NULL;
+ char *dest = NULL;
+ size_t dest_len = 0;
+ va_list ap;
+ int rc = 0;
+ char *dnfmt;
+
+ if (NULL == fmt) {
+ return NULL;
+ }
+
+ dnfmt = slapi_ch_smprintf("cn=%s", fmt);
+ va_start(ap, fmt);
+ src = PR_vsmprintf(dnfmt, ap);
+ va_end(ap);
+ slapi_ch_free_string(&dnfmt);
+
+ rc = slapi_dn_normalize_ext(src, strlen(src), &dest, &dest_len);
+ if (rc == 0) { /* src is passed in. */
+ *(dest + dest_len) = '\0';
+ dest = slapi_ch_strdup(dest + 3);
+ } else if (rc > 0) {
+ char *odest = dest;
+ dest = slapi_ch_strdup(dest + 3);
+ slapi_ch_free_string(&odest);
+ }
+ slapi_ch_free_string(&src);
+ return dest;
+}
+
/*
* Append previous AV to the attribute value array if multivalued RDN.
* We use a stack based array at first and if we overflow that, we
@@ -1370,12 +1404,13 @@ dn_ignore_case_to_end( char *dn, char *end )
* slapi_dn_normalize_case - put dn into a canonical form suitable for storing
* in a hash database. this involves normalizing the case as well as
* the format. the dn is normalized in place as well as returned.
+ * (DEPRECATED)
*/
char *
slapi_dn_normalize_case( char *dn )
{
- /* normalize format */
+ /* normalize format (DEPRECATED) noop */
slapi_dn_normalize( dn );
/* normalize case */
@@ -1698,6 +1733,9 @@ PR_DEFINE_COUNTER(slapi_sdn_counter_dn_exist);
PR_DEFINE_COUNTER(slapi_sdn_counter_ndn_created);
PR_DEFINE_COUNTER(slapi_sdn_counter_ndn_deleted);
PR_DEFINE_COUNTER(slapi_sdn_counter_ndn_exist);
+PR_DEFINE_COUNTER(slapi_sdn_counter_udn_created);
+PR_DEFINE_COUNTER(slapi_sdn_counter_udn_deleted);
+PR_DEFINE_COUNTER(slapi_sdn_counter_udn_exist);
static void
sdn_create_counters()
@@ -1711,12 +1749,16 @@ sdn_create_counters()
PR_CREATE_COUNTER(slapi_sdn_counter_ndn_created,"Slapi_DN","internal_ndn_created","");
PR_CREATE_COUNTER(slapi_sdn_counter_ndn_deleted,"Slapi_DN","internal_ndn_deleted","");
PR_CREATE_COUNTER(slapi_sdn_counter_ndn_exist,"Slapi_DN","internal_ndn_exist","");
+ PR_CREATE_COUNTER(slapi_sdn_counter_udn_created,"Slapi_DN","internal_udn_created","");
+ PR_CREATE_COUNTER(slapi_sdn_counter_udn_deleted,"Slapi_DN","internal_udn_deleted","");
+ PR_CREATE_COUNTER(slapi_sdn_counter_udn_exist,"Slapi_DN","internal_udn_exist","");
counters_created= 1;
}
#define FLAG_ALLOCATED 0
#define FLAG_DN 1
#define FLAG_NDN 2
+#define FLAG_UDN 3
Slapi_DN *
slapi_sdn_new()
@@ -1730,10 +1772,18 @@ slapi_sdn_new()
return sdn;
}
+/*
+ * WARNING:
+ * Do not call slapi_sdn_init and its sibling APIs against Slapi_DN
+ * allocated by slapi_sdn_new. slapi_sdn_init clears all bits in the flag.
+ * If sdn is allocated by slapi_sdn_new, the FLAG_ALLOCATED bit is cleared
+ * and slapi_sdn_free won't free Slapi_DN.
+ */
Slapi_DN *
slapi_sdn_init(Slapi_DN *sdn)
{
sdn->flag= 0;
+ sdn->udn= NULL;
sdn->dn= NULL;
sdn->ndn= NULL;
sdn->ndn_len=0;
@@ -1748,7 +1798,7 @@ Slapi_DN *
slapi_sdn_init_dn_byref(Slapi_DN *sdn,const char *dn)
{
slapi_sdn_init(sdn);
- slapi_sdn_set_dn_byref(sdn,dn);
+ slapi_sdn_set_dn_byref(sdn, dn);
return sdn;
}
@@ -1768,20 +1818,33 @@ slapi_sdn_init_dn_passin(Slapi_DN *sdn,const char *dn)
return sdn;
}
-/* use when dn is normalized previously */
+/* use when dn is already normalized (but case is yet touched) */
Slapi_DN *
-slapi_sdn_init_dn_ndn_byref(Slapi_DN *sdn,const char *dn) {
- slapi_sdn_init(sdn);
- slapi_sdn_set_dn_byref(sdn,dn);
- /* slapi_sdn_set_ndn_byref nulls out dn set in above statement */
- sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_NDN);
- sdn->ndn= dn;
- if(dn == NULL) {
- sdn->ndn_len=0;
- } else {
- sdn->ndn_len=strlen(dn);
- }
- return sdn;
+slapi_sdn_init_normdn_byref(Slapi_DN *sdn, const char *dn)
+{
+ slapi_sdn_init(sdn);
+ if(dn == NULL) {
+ sdn->ndn_len = 0;
+ } else {
+ sdn->ndn_len = strlen(dn);
+ sdn->dn = dn;
+ }
+ return sdn;
+}
+
+/* use when dn is already normalized (but case is yet touched) */
+Slapi_DN *
+slapi_sdn_init_normdn_passin(Slapi_DN *sdn, const char *dn)
+{
+ slapi_sdn_init(sdn);
+ if(dn == NULL) {
+ sdn->ndn_len = 0;
+ } else {
+ sdn->ndn_len = strlen(dn);
+ sdn->dn = dn;
+ sdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ }
+ return sdn;
}
Slapi_DN *
@@ -1789,7 +1852,7 @@ slapi_sdn_init_ndn_byref(Slapi_DN *sdn,const char *dn)
{
slapi_sdn_init(sdn);
slapi_sdn_set_ndn_byref(sdn,dn);
- return sdn;
+ return sdn;
}
Slapi_DN *
@@ -1797,7 +1860,7 @@ slapi_sdn_init_ndn_byval(Slapi_DN *sdn,const char *dn)
{
slapi_sdn_init(sdn);
slapi_sdn_set_ndn_byval(sdn,dn);
- return sdn;
+ return sdn;
}
Slapi_DN *
@@ -1845,16 +1908,46 @@ slapi_sdn_new_ndn_byref(const char *ndn)
return sdn;
}
+/* use when dn is already normalized */
+Slapi_DN *
+slapi_sdn_new_normdn_byref(const char *normdn)
+{
+ Slapi_DN *sdn = slapi_sdn_new();
+ slapi_sdn_set_normdn_byref(sdn, normdn);
+ SDN_DUMP( sdn, "slapi_sdn_new_normdn_byref");
+ return sdn;
+}
+
+/* use when dn is already normalized */
+Slapi_DN *
+slapi_sdn_new_normdn_passin(const char *normdn)
+{
+ Slapi_DN *sdn = slapi_sdn_new();
+ slapi_sdn_set_normdn_passin(sdn, normdn);
+ SDN_DUMP( sdn, "slapi_sdn_new_normdn_passin");
+ return sdn;
+}
+
+/* use when dn is already normalized */
+Slapi_DN *
+slapi_sdn_new_normdn_byval(const char *normdn)
+{
+ Slapi_DN *sdn = slapi_sdn_new();
+ slapi_sdn_set_normdn_byval(sdn, normdn);
+ SDN_DUMP( sdn, "slapi_sdn_new_normdn_byval");
+ return sdn;
+}
+
Slapi_DN *
slapi_sdn_set_dn_byval(Slapi_DN *sdn, const char *dn)
{
slapi_sdn_done(sdn);
- sdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_DN);
+ sdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_UDN);
if(dn!=NULL)
{
- sdn->dn= slapi_ch_strdup(dn);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ sdn->udn= slapi_ch_strdup(dn);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_exist);
}
return sdn;
}
@@ -1863,8 +1956,8 @@ Slapi_DN *
slapi_sdn_set_dn_byref(Slapi_DN *sdn, const char *dn)
{
slapi_sdn_done(sdn);
- sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_DN);
- sdn->dn= dn;
+ sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_UDN);
+ sdn->udn= dn;
return sdn;
}
@@ -1872,17 +1965,64 @@ Slapi_DN *
slapi_sdn_set_dn_passin(Slapi_DN *sdn, const char *dn)
{
slapi_sdn_done(sdn);
- sdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_DN);
- sdn->dn= dn;
+ sdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_UDN);
+ sdn->udn= dn;
if(dn!=NULL)
{
- PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_exist);
}
return sdn;
}
Slapi_DN *
+slapi_sdn_set_normdn_byref(Slapi_DN *sdn, const char *normdn)
+{
+ slapi_sdn_done(sdn);
+ sdn->flag = slapi_unsetbit_uchar(sdn->flag, FLAG_DN);
+ sdn->dn = normdn;
+ if(normdn == NULL) {
+ sdn->ndn_len = 0;
+ } else {
+ sdn->ndn_len = strlen(normdn);
+ }
+ return sdn;
+}
+
+Slapi_DN *
+slapi_sdn_set_normdn_passin(Slapi_DN *sdn, const char *normdn)
+{
+ slapi_sdn_done(sdn);
+ sdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ sdn->dn = normdn;
+ if(normdn == NULL) {
+ sdn->ndn_len = 0;
+ } else {
+ sdn->ndn_len = strlen(normdn);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ }
+ return sdn;
+}
+
+Slapi_DN *
+slapi_sdn_set_normdn_byval(Slapi_DN *sdn, const char *normdn)
+{
+ slapi_sdn_done(sdn);
+ sdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ if(normdn == NULL) {
+ sdn->dn = slapi_ch_strdup(normdn);
+ sdn->ndn_len = 0;
+ } else {
+ sdn->dn = slapi_ch_strdup(normdn);
+ sdn->ndn_len = strlen(normdn);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ }
+ return sdn;
+}
+
+Slapi_DN *
slapi_sdn_set_ndn_byval(Slapi_DN *sdn, const char *ndn)
{
slapi_sdn_done(sdn);
@@ -1925,7 +2065,7 @@ slapi_sdn_set_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn)
else
{
/* NewDN= NewRDN + OldParent */
- char *parentdn= slapi_dn_parent(sdn->dn);
+ char *parentdn = slapi_dn_parent(slapi_sdn_get_dn(sdn));
char *newdn = slapi_ch_smprintf("%s,%s", rawrdn, parentdn);
slapi_ch_free((void**)&parentdn);
slapi_sdn_set_dn_passin(sdn,newdn);
@@ -1939,7 +2079,7 @@ slapi_sdn_set_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn)
Slapi_DN *
slapi_sdn_add_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn)
{
- const char *rawrdn= slapi_rdn_get_rdn(rdn);
+ const char *rawrdn = slapi_rdn_get_rdn(rdn);
if(slapi_sdn_isempty(sdn))
{
slapi_sdn_set_dn_byval(sdn,rawrdn);
@@ -1972,7 +2112,7 @@ slapi_sdn_set_parent(Slapi_DN *sdn, const Slapi_DN *parentdn)
/* NewDN= OldRDN + NewParent */
Slapi_RDN rdn;
const char *rawrdn;
- slapi_rdn_init_dn(&rdn,sdn->dn);
+ slapi_rdn_init_dn(&rdn, slapi_sdn_get_dn(sdn));
rawrdn= slapi_rdn_get_rdn(&rdn);
if(slapi_sdn_isempty(parentdn))
{
@@ -1980,12 +2120,9 @@ slapi_sdn_set_parent(Slapi_DN *sdn, const Slapi_DN *parentdn)
}
else
{
- char *newdn;
- newdn= slapi_ch_malloc(strlen(rawrdn)+1+strlen(parentdn->dn)+1);
- strcpy( newdn, rawrdn );
- strcat( newdn, "," );
- strcat( newdn, parentdn->dn );
- slapi_sdn_set_dn_passin(sdn,newdn);
+ char *newdn =
+ slapi_ch_smprintf("%s,%s", rawrdn, slapi_sdn_get_dn(parentdn));
+ slapi_sdn_set_dn_passin(sdn, newdn);
}
slapi_rdn_done(&rdn);
}
@@ -2005,7 +2142,6 @@ slapi_sdn_done(Slapi_DN *sdn)
if(slapi_isbitset_uchar(sdn->flag,FLAG_DN))
{
slapi_ch_free((void**)&(sdn->dn));
- sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_DN);
PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_deleted);
PR_DECREMENT_COUNTER(slapi_sdn_counter_dn_exist);
}
@@ -2014,22 +2150,36 @@ slapi_sdn_done(Slapi_DN *sdn)
sdn->dn= NULL;
}
}
+ sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_DN);
if(sdn->ndn!=NULL)
{
if(slapi_isbitset_uchar(sdn->flag,FLAG_NDN))
{
slapi_ch_free((void**)&(sdn->ndn));
- sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_NDN);
- sdn->ndn_len=0;
PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_deleted);
PR_DECREMENT_COUNTER(slapi_sdn_counter_ndn_exist);
}
else
{
sdn->ndn= NULL;
- sdn->ndn_len=0;
}
}
+ sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_NDN);
+ sdn->ndn_len=0;
+ if(sdn->udn!=NULL)
+ {
+ if(slapi_isbitset_uchar(sdn->flag,FLAG_UDN))
+ {
+ slapi_ch_free((void**)&(sdn->udn));
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_deleted);
+ PR_DECREMENT_COUNTER(slapi_sdn_counter_udn_exist);
+ }
+ else
+ {
+ sdn->udn= NULL;
+ }
+ }
+ sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_UDN);
}
void
@@ -2037,9 +2187,11 @@ slapi_sdn_free(Slapi_DN **sdn)
{
if(sdn!=NULL && *sdn!=NULL)
{
+ int is_allocated = 0;
SDN_DUMP( *sdn, "slapi_sdn_free");
+ is_allocated = slapi_isbitset_uchar((*sdn)->flag, FLAG_ALLOCATED);
slapi_sdn_done(*sdn);
- if(slapi_isbitset_uchar((*sdn)->flag,FLAG_ALLOCATED))
+ if(is_allocated)
{
slapi_ch_free((void**)sdn);
PR_INCREMENT_COUNTER(slapi_sdn_counter_deleted);
@@ -2051,43 +2203,75 @@ slapi_sdn_free(Slapi_DN **sdn)
const char *
slapi_sdn_get_dn(const Slapi_DN *sdn)
{
- return (sdn->dn!=NULL ? sdn->dn : sdn->ndn);
+ if (NULL == sdn) {
+ return NULL;
+ }
+ if (sdn->dn) {
+ return sdn->dn;
+ } else if (sdn->ndn) {
+ return sdn->ndn;
+ } else if (sdn->udn) {
+ char *udn = slapi_ch_strdup(sdn->udn);
+ char *normed = NULL;
+ size_t dnlen = 0;
+ Slapi_DN *ncsdn = (Slapi_DN*)sdn; /* non-const Slapi_DN */
+ int rc = slapi_dn_normalize_ext(udn, 0, &normed, &dnlen);
+ if (rc == 0) { /* udn is passed in */
+ *(normed + dnlen) = '\0';
+ ncsdn->dn = normed;
+ ncsdn->ndn_len = dnlen;
+ ncsdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ } else if (rc > 0) { /* rc > 0 */
+ slapi_ch_free_string(&udn);
+ ncsdn->dn = normed;
+ ncsdn->ndn_len = dnlen;
+ ncsdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ }
+ /* else (rc < 0); normzlization failed. return NULL */
+ return sdn->dn;
+ } else {
+ return NULL;
+ }
}
const char *
slapi_sdn_get_ndn(const Slapi_DN *sdn)
{
- if(sdn->ndn==NULL)
- {
- if(sdn->dn!=NULL)
- {
- char *p= slapi_ch_strdup(sdn->dn);
- char *normed = NULL;
- size_t dnlen = 0;
- int rc = 0;
-
- Slapi_DN *ncsdn= (Slapi_DN*)sdn; /* non-const Slapi_DN */
- rc = slapi_dn_normalize_case_ext(p, 0, &normed, &dnlen);
- if (rc < 0) {
- /* we give up, just set dn to ndn */
- slapi_dn_ignore_case(p); /* ignore case */
- ncsdn->ndn = p;
- ncsdn->ndn_len = strlen(p);
- } else if (rc == 0) { /* p is passed in */
- *(normed + dnlen) = '\0';
- ncsdn->ndn = normed;
- ncsdn->ndn_len = dnlen;
- } else { /* rc > 0 */
- slapi_ch_free_string(&p);
- ncsdn->ndn = normed;
- ncsdn->ndn_len = dnlen;
- }
- ncsdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_NDN);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_created);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_exist);
- }
+ if (NULL == sdn) {
+ return NULL;
+ }
+ if (sdn->ndn) {
+ return sdn->ndn;
+ } else if (sdn->dn || sdn->udn) {
+ Slapi_DN *ncsdn = (Slapi_DN*)sdn; /* non-const Slapi_DN */
+ char *ndn = slapi_ch_strdup(slapi_sdn_get_dn(sdn));
+ slapi_dn_ignore_case(ndn); /* ignore case */
+ ncsdn->ndn = ndn;
+ ncsdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_NDN);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_exist);
+ return ndn;
+ } else {
+ return NULL;
+ }
+}
+
+const char *
+slapi_sdn_get_udn(const Slapi_DN *sdn)
+{
+ if (sdn->udn) {
+ return sdn->udn;
+ } else if (sdn->dn) {
+ return sdn->dn;
+ } else if (sdn->ndn) {
+ return sdn->ndn;
+ } else {
+ return NULL;
}
- return sdn->ndn;
}
void
@@ -2123,52 +2307,45 @@ Slapi_DN *
slapi_sdn_dup(const Slapi_DN *sdn)
{
Slapi_DN *tmp;
- SDN_DUMP( sdn, "slapi_sdn_dup");
- tmp=slapi_sdn_new_dn_byval(slapi_sdn_get_dn(sdn));
- /* can't use slapi_set_ndn_byval -- it nulls the dn */
- tmp->flag= slapi_setbit_uchar(tmp->flag,FLAG_NDN);
- if(sdn->ndn!=NULL)
- {
- tmp->ndn= slapi_ch_strdup(sdn->ndn);
- tmp->ndn_len=sdn->ndn_len;
- } else tmp->ndn=NULL;
+ SDN_DUMP( sdn, "slapi_sdn_dup");
+ tmp = slapi_sdn_new_normdn_byval(slapi_sdn_get_dn(sdn));
return tmp;
}
void
slapi_sdn_copy(const Slapi_DN *from, Slapi_DN *to)
{
- SDN_DUMP( from, "slapi_sdn_copy from");
- SDN_DUMP( to, "slapi_sdn_copy to");
+ SDN_DUMP( from, "slapi_sdn_copy from");
+ SDN_DUMP( to, "slapi_sdn_copy to");
slapi_sdn_done(to);
- slapi_sdn_set_dn_byval(to,slapi_sdn_get_dn(from));
+ slapi_sdn_set_normdn_byval(to, slapi_sdn_get_dn(from));
}
int
slapi_sdn_compare( const Slapi_DN *sdn1, const Slapi_DN *sdn2 )
{
- int rc;
- const char *ndn1= slapi_sdn_get_ndn(sdn1);
- const char *ndn2= slapi_sdn_get_ndn(sdn2);
+ int rc;
+ const char *ndn1= slapi_sdn_get_ndn(sdn1);
+ const char *ndn2= slapi_sdn_get_ndn(sdn2);
if(ndn1==ndn2)
{
rc= 0;
}
else
{
- if(ndn1==NULL)
+ if(ndn1==NULL)
{
rc= -1;
}
else
{
- if(ndn2==NULL)
- {
- rc= 1;
- }
- else
- {
- rc= strcmp(ndn1,ndn2);
+ if(ndn2==NULL)
+ {
+ rc= 1;
+ }
+ else
+ {
+ rc= strcmp(ndn1,ndn2);
}
}
}
@@ -2176,22 +2353,25 @@ slapi_sdn_compare( const Slapi_DN *sdn1, const Slapi_DN *sdn2 )
}
int
-slapi_sdn_isempty( const Slapi_DN *sdn)
+slapi_sdn_isempty(const Slapi_DN *sdn)
{
- const char *dn= slapi_sdn_get_dn(sdn);
+ const char *dn = NULL;
+ if (sdn) {
+ dn = slapi_sdn_get_dn(sdn);
+ }
return (dn==NULL || dn[0]=='\0');
}
int
slapi_sdn_issuffix(const Slapi_DN *sdn, const Slapi_DN *suffixsdn)
{
- int rc;
- const char *dn= slapi_sdn_get_ndn(sdn);
+ int rc;
+ const char *dn= slapi_sdn_get_ndn(sdn);
const char *suffixdn= slapi_sdn_get_ndn(suffixsdn);
if(dn!=NULL && suffixdn!=NULL)
{
- int dnlen = slapi_sdn_get_ndn_len(sdn);
- int suffixlen= slapi_sdn_get_ndn_len(suffixsdn);
+ int dnlen = slapi_sdn_get_ndn_len(sdn);
+ int suffixlen= slapi_sdn_get_ndn_len(suffixsdn);
if (dnlen<suffixlen)
{
rc= 0;
@@ -2203,9 +2383,8 @@ slapi_sdn_issuffix(const Slapi_DN *sdn, const Slapi_DN *suffixsdn)
return ( 1 );
}
- rc= ( (strcasecmp(suffixdn, dn+dnlen-suffixlen)==0)
- && ( (dnlen == suffixlen)
- || DNSEPARATOR(dn[dnlen-suffixlen-1])) );
+ rc = (((dnlen == suffixlen) || DNSEPARATOR(dn[dnlen-suffixlen-1]))
+ && (strcasecmp(suffixdn, dn+dnlen-suffixlen)==0));
}
}
else
@@ -2219,11 +2398,11 @@ slapi_sdn_issuffix(const Slapi_DN *sdn, const Slapi_DN *suffixsdn)
int
slapi_sdn_get_ndn_len(const Slapi_DN *sdn)
{
- int r= 0;
- (void)slapi_sdn_get_ndn(sdn); /* does the normalization if needed */
- if(sdn->ndn!=NULL)
+ int r = 0;
+ (void)slapi_sdn_get_dn(sdn); /* does the normalization if needed */
+ if(sdn->dn || sdn->ndn)
{
- r= sdn->ndn_len;
+ r = sdn->ndn_len;
}
return r;
}
@@ -2296,7 +2475,7 @@ slapi_sdn_scope_test( const Slapi_DN *dn, const Slapi_DN *base, int scope )
* build the new dn of an entry for moddn operations
*/
char *
-slapi_moddn_get_newdn(Slapi_DN *dn_olddn, char *newrdn, char *newsuperiordn)
+slapi_moddn_get_newdn(Slapi_DN *dn_olddn, const char *newrdn, const char *newsuperiordn)
{
char *newdn;
diff --git a/ldap/servers/slapd/dse.c b/ldap/servers/slapd/dse.c
index e3bfb18..727e999 100644
--- a/ldap/servers/slapd/dse.c
+++ b/ldap/servers/slapd/dse.c
@@ -1426,18 +1426,17 @@ dse_delete_entry(struct dse* pdse, Slapi_PBlock *pb, const Slapi_Entry *e)
int
dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from this function! */
{
- char *dn; /* The bind DN */
int method; /* The bind method */
struct berval *cred; /* The bind credentials */
Slapi_Value **bvals;
struct dse* pdse;
Slapi_Attr *attr;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_Entry *ec= NULL;
/*Get the parameters*/
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &dn ) < 0 ||
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &sdn ) < 0 ||
slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method ) < 0 ||
slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &cred ) < 0){
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
@@ -1456,13 +1455,10 @@ dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from thi
return( SLAPI_BIND_FAIL );
}
- /* Find the entry that the person is attempting to bind as */
- slapi_sdn_init_dn_byref(&sdn,dn);
- ec = dse_get_entry_copy(pdse,&sdn,DSE_USE_LOCK);
+ ec = dse_get_entry_copy(pdse, sdn, DSE_USE_LOCK);
if ( ec == NULL )
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return( SLAPI_BIND_FAIL );
}
@@ -1475,7 +1471,6 @@ dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from thi
{
slapi_send_ldap_result( pb, LDAP_INAPPROPRIATE_AUTH, NULL, NULL, 0, NULL );
slapi_entry_free(ec);
- slapi_sdn_done(&sdn);
return SLAPI_BIND_FAIL;
}
bvals= attr_get_present_values( attr );
@@ -1485,7 +1480,6 @@ dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from thi
{
slapi_send_ldap_result( pb, LDAP_INVALID_CREDENTIALS, NULL, NULL, 0, NULL );
slapi_entry_free(ec);
- slapi_sdn_done(&sdn);
value_done(&cv);
return SLAPI_BIND_FAIL;
}
@@ -1496,11 +1490,9 @@ dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from thi
default:
slapi_send_ldap_result( pb, LDAP_STRONG_AUTH_NOT_SUPPORTED, NULL, "auth method not supported", 0, NULL );
slapi_entry_free(ec);
- slapi_sdn_done(&sdn);
return SLAPI_BIND_FAIL;
}
slapi_entry_free(ec);
- slapi_sdn_done(&sdn);
/* success: front end will send result */
return SLAPI_BIND_SUCCESS;
}
@@ -1647,7 +1639,6 @@ do_dse_search(struct dse* pdse, Slapi_PBlock *pb, int scope, const Slapi_DN *bas
int
dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from this function! */
{
- char *base; /*Base of the search*/
int scope; /*Scope of the search*/
Slapi_Filter *filter; /*The filter*/
char **attrs; /*Attributes*/
@@ -1657,7 +1648,7 @@ dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
int returncode= LDAP_SUCCESS;
int isrootdse= 0;
char returntext[SLAPI_DSE_RETURNTEXT_SIZE]= "";
- Slapi_DN basesdn;
+ Slapi_DN *basesdn = NULL;
int estimate = 0; /* estimated search result set size */
/*
@@ -1666,7 +1657,7 @@ dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
* more or less directly from the client.
*/
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base ) < 0 ||
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &basesdn ) < 0 ||
slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope ) < 0 ||
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter ) < 0 ||
slapi_pblock_get( pb, SLAPI_SEARCH_ATTRS, &attrs ) < 0 ||
@@ -1675,27 +1666,23 @@ dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
return(-1);
}
-
- slapi_sdn_init_dn_byref(&basesdn,base);
-
/*
* Sadly the root dse is still a special case. We must not allow
* acl checks on it, or allow onelevel or subtree searches on it.
*/
- isrootdse= slapi_sdn_isempty(&basesdn);
+ isrootdse= slapi_sdn_isempty(basesdn);
switch(scope)
{
case LDAP_SCOPE_BASE:
{
Slapi_Entry *baseentry= NULL;
- baseentry = dse_get_entry_copy(pdse,&basesdn,DSE_USE_LOCK);
+ baseentry = dse_get_entry_copy(pdse, basesdn, DSE_USE_LOCK);
if ( baseentry == NULL )
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
slapi_log_error(SLAPI_LOG_PLUGIN,"dse_search", "node %s was not found\n",
- slapi_sdn_get_dn(&basesdn));
- slapi_sdn_done(&basesdn);
+ slapi_sdn_get_dn(basesdn));
return -1;
}
/*
@@ -1726,14 +1713,13 @@ dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
case LDAP_SCOPE_SUBTREE:
if(!isrootdse)
{
- estimate = do_dse_search(pdse, pb, scope, &basesdn, filter, attrs, attrsonly);
+ estimate = do_dse_search(pdse, pb, scope, basesdn, filter, attrs, attrsonly);
}
break;
}
slapi_pblock_set (pb, SLAPI_SEARCH_RESULT_SET_SIZE_ESTIMATE, &estimate);
/* Search is done, send LDAP_SUCCESS */
- slapi_sdn_done(&basesdn);
return 0;
}
@@ -1756,19 +1742,19 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
int err; /*House keeping stuff*/
LDAPMod **mods; /*Used to apply the modifications*/
- char *dn; /*Storage for the dn*/
char *errbuf = NULL; /* To get error back */
struct dse* pdse;
Slapi_Entry *ec= NULL;
Slapi_Entry *ecc= NULL;
int returncode= LDAP_SUCCESS;
char returntext[SLAPI_DSE_RETURNTEXT_SIZE]= "";
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
int dont_write_file = 0; /* default */
PR_ASSERT(pb);
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_MODIFY_TARGET, &dn ) < 0 ||
+ /* slapi_pblock_get( pb, SLAPI_MODIFY_TARGET, &dn ) < 0 || */
+ slapi_pblock_get( pb, SLAPI_MODIFY_TARGET_SDN, &sdn ) < 0 ||
slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ) < 0 || (NULL == pdse))
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
@@ -1780,14 +1766,11 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
return( -1 );
}
- slapi_sdn_init_dn_byref(&sdn,dn);
-
/* Find the entry we are about to modify. */
- ec = dse_get_entry_copy(pdse,&sdn,DSE_USE_LOCK);
+ ec = dse_get_entry_copy(pdse, sdn, DSE_USE_LOCK);
if ( ec == NULL )
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1797,7 +1780,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
slapi_send_ldap_result( pb, err, NULL, errbuf, 0, NULL );
if (errbuf) slapi_ch_free ((void**)&errbuf);
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1817,7 +1799,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
/* Error occured in the callback -- return error code from callback */
slapi_send_ldap_result( pb, returncode, NULL, returntext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1825,7 +1806,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
/* Callback says don't apply the changes -- return Success */
slapi_send_ldap_result( pb, LDAP_SUCCESS, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( 0, ec, ecc );
}
@@ -1861,7 +1841,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
/* entry_apply_mods() failed above, so return an error now */
slapi_send_ldap_result( pb, err, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
break;
@@ -1875,7 +1854,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &errtext);
slapi_send_ldap_result( pb, LDAP_OBJECT_CLASS_VIOLATION, NULL, errtext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1886,7 +1864,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &errtext);
slapi_send_ldap_result( pb, LDAP_INVALID_SYNTAX, NULL, errtext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1895,7 +1872,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
if (dse_replace_entry( pdse, ecc, !dont_write_file, DSE_USE_LOCK )!=0 )
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
slapi_pblock_set( pb, SLAPI_ENTRY_POST_OP, slapi_entry_dup(ecc) ); /* JCM - When does this get free'd? */
@@ -1904,7 +1880,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_send_ldap_result( pb, returncode, NULL, returntext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return(0, ec, ecc);
}
@@ -1922,7 +1897,6 @@ dse_add_return( int rv, Slapi_Entry *e)
int
dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this function! */
{
- char *dn = NULL;
Slapi_Entry *e; /*The new entry to add*/
Slapi_Entry *e_copy = NULL; /* copy of added entry */
char *errbuf = NULL;
@@ -1932,14 +1906,14 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
struct dse* pdse;
int returncode= LDAP_SUCCESS;
char returntext[SLAPI_DSE_RETURNTEXT_SIZE]= "";
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_DN parent;
/*
* Get the database, the dn and the entry to add
*/
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn ) < 0 ||
+ slapi_pblock_get( pb, SLAPI_ADD_TARGET_SDN, &sdn ) < 0 ||
slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &e ) < 0 || (NULL == pdse))
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
@@ -1951,8 +1925,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
return( error );
}
- slapi_sdn_init_dn_byref(&sdn,dn);
-
/*
* Check to make sure the entry passes the schema check
*/
@@ -1963,7 +1935,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
"dse_add: entry failed schema check\n", 0, 0, 0 );
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &errtext);
slapi_send_ldap_result( pb, LDAP_OBJECT_CLASS_VIOLATION, NULL, errtext, 0, NULL );
- slapi_sdn_done(&sdn);
return error;
}
@@ -1975,7 +1946,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
"dse_add: entry failed syntax check\n", 0, 0, 0 );
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &errtext);
slapi_send_ldap_result( pb, LDAP_INVALID_SYNTAX, NULL, errtext, 0, NULL );
- slapi_sdn_done(&sdn);
return error;
}
@@ -1983,7 +1953,7 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
* Attempt to find this dn.
*/
{
- Slapi_Entry *existingentry= dse_get_entry_copy( pdse, &sdn, DSE_USE_LOCK );
+ Slapi_Entry *existingentry= dse_get_entry_copy( pdse, sdn, DSE_USE_LOCK );
if(existingentry!=NULL)
{
/*
@@ -1991,7 +1961,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
* whose dn matches dn, so tell the user and return
*/
slapi_send_ldap_result( pb, LDAP_ALREADY_EXISTS, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
slapi_entry_free(existingentry);
return dse_add_return(error, NULL);
}
@@ -2003,7 +1972,7 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
* add the entry.
*/
slapi_sdn_init(&parent);
- slapi_sdn_get_parent(&sdn,&parent);
+ slapi_sdn_get_parent(sdn, &parent);
if ( !slapi_sdn_isempty(&parent) )
{
Slapi_Entry *parententry= NULL;
@@ -2012,7 +1981,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
LDAPDebug( SLAPI_DSE_TRACELEVEL, "dse_add: parent does not exist\n", 0, 0, 0 );
- slapi_sdn_done(&sdn);
slapi_sdn_done(&parent);
return dse_add_return(error, NULL);
}
@@ -2023,7 +1991,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
LDAPDebug( SLAPI_DSE_TRACELEVEL, "dse_add: no access to parent\n", 0, 0, 0 );
slapi_send_ldap_result( pb, rc, NULL, NULL, 0, NULL );
slapi_ch_free((void**)&errbuf);
- slapi_sdn_done(&sdn);
slapi_sdn_done(&parent);
return dse_add_return(rc, NULL);
}
@@ -2037,7 +2004,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
{
LDAPDebug( SLAPI_DSE_TRACELEVEL, "dse_add: no parent and not root\n", 0, 0, 0 );
slapi_send_ldap_result( pb, LDAP_INSUFFICIENT_ACCESS, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
slapi_sdn_done(&parent);
return dse_add_return(error, NULL);
}
@@ -2060,7 +2026,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
NULL, &returncode, returntext)!=SLAPI_DSE_CALLBACK_OK)
{
slapi_send_ldap_result( pb, returncode, NULL, returntext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_add_return(error, NULL);
}
@@ -2069,7 +2034,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
if ( dse_add_entry_pb(pdse, e_copy, pb) != 0)
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_add_return(error, NULL);
}
/* The postop must be called after the write lock is released. */
@@ -2083,9 +2047,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
/* entry has been freed, so make sure no one tries to use it later */
slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
- /* Free the dn, and return */
- slapi_sdn_done(&sdn);
-
return dse_add_return(rc, e);
}
@@ -2104,40 +2065,37 @@ dse_delete_return( int rv, Slapi_Entry *ec)
int
dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from this function! */
{
- char *dn = NULL;
int rc= -1;
- int dont_write_file = 0; /* default */
+ int dont_write_file = 0; /* default */
struct dse* pdse = NULL;
int returncode= LDAP_SUCCESS;
char returntext[SLAPI_DSE_RETURNTEXT_SIZE]= "";
char *entry_str = "entry";
char *errbuf = NULL;
- char *attrs[2] = { NULL, NULL };
- Slapi_DN sdn;
- Slapi_Entry *ec = NULL; /* copy of entry to delete */
+ char *attrs[2] = { NULL, NULL };
+ Slapi_DN *sdn = NULL;
+ Slapi_Entry *ec = NULL; /* copy of entry to delete */
/*
* Get the database and the dn
*/
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn ) < 0 || (pdse == NULL))
+ slapi_pblock_get( pb, SLAPI_DELETE_TARGET_SDN, &sdn ) < 0 ||
+ (pdse == NULL))
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
return rc;
}
- slapi_pblock_get(pb, SLAPI_DSE_DONT_WRITE_WHEN_ADDING, &dont_write_file);
- if ( !dont_write_file && dse_check_for_readonly_error(pb,pdse)) {
+ slapi_pblock_get(pb, SLAPI_DSE_DONT_WRITE_WHEN_ADDING, &dont_write_file);
+ if ( !dont_write_file && dse_check_for_readonly_error(pb,pdse)) {
return( rc );
}
- slapi_sdn_init_dn_byref(&sdn,dn);
-
- ec= dse_get_entry_copy( pdse, &sdn, DSE_USE_LOCK );
+ ec= dse_get_entry_copy( pdse, sdn, DSE_USE_LOCK );
if (ec == NULL)
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_delete_return( rc, ec );
}
@@ -2147,7 +2105,6 @@ dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
if(dse_numsubordinates(ec)>0)
{
slapi_send_ldap_result( pb, LDAP_NOT_ALLOWED_ON_NONLEAF, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_delete_return( rc, ec );
}
@@ -2161,7 +2118,6 @@ dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
slapi_send_ldap_result( pb, returncode, NULL, NULL, 0, NULL );
slapi_ch_free ( (void**)&errbuf );
- slapi_sdn_done(&sdn);
return dse_delete_return( rc, ec );
}
@@ -2175,7 +2131,6 @@ dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
else
{
slapi_send_ldap_result( pb, returncode, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_delete_return( rc, ec );
}
@@ -2183,7 +2138,6 @@ dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_send_ldap_result( pb, returncode, NULL, returntext, 0, NULL );
slapi_pblock_set( pb, SLAPI_ENTRY_PRE_OP, slapi_entry_dup( ec ));
- slapi_sdn_done(&sdn);
return dse_delete_return(0, ec);
}
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index 8a91e39..03f2767 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -276,18 +276,22 @@ str2entry_fast( const char *rawdn, char *s, int flags, int read_stateinfo )
normdn =
slapi_dn_normalize_original(slapi_ch_strdup(rawdn));
} else {
- normdn = slapi_create_dn_string("%s", rawdn);
- if (NULL == normdn) {
- LDAPDebug1Arg(LDAP_DEBUG_TRACE,
- "str2entry_fast: Invalid DN: %s\n", rawdn);
- slapi_entry_free( e );
- if (freeval) slapi_ch_free_string(&value.bv_val);
- e = NULL;
- goto done;
+ if (flags & SLAPI_STR2ENTRY_DN_NORMALIZED) {
+ normdn = slapi_ch_strdup(rawdn);
+ } else {
+ normdn = slapi_create_dn_string("%s", rawdn);
+ if (NULL == normdn) {
+ LDAPDebug1Arg(LDAP_DEBUG_TRACE,
+ "str2entry_fast: Invalid DN: %s\n", rawdn);
+ slapi_entry_free( e );
+ if (freeval) slapi_ch_free_string(&value.bv_val);
+ e = NULL;
+ goto done;
+ }
}
}
/* normdn is consumed in e */
- slapi_entry_set_dn(e, normdn);
+ slapi_entry_set_normdn(e, normdn);
}
if ( NULL == slapi_entry_get_rdn_const( e )) {
if (normdn) {
@@ -298,14 +302,19 @@ str2entry_fast( const char *rawdn, char *s, int flags, int read_stateinfo )
normdn =
slapi_dn_normalize_original(slapi_ch_strdup(rawdn));
} else {
- normdn = slapi_create_dn_string("%s", rawdn);
- if (NULL == normdn) {
- LDAPDebug1Arg(LDAP_DEBUG_TRACE,
- "str2entry_fast: Invalid DN: %s\n", rawdn);
- slapi_entry_free( e );
- if (freeval) slapi_ch_free_string(&value.bv_val);
- e = NULL;
- goto done;
+ if (flags & SLAPI_STR2ENTRY_DN_NORMALIZED) {
+ normdn = slapi_ch_strdup(rawdn);
+ } else {
+ normdn = slapi_create_dn_string("%s", rawdn);
+ if (NULL == normdn) {
+ LDAPDebug1Arg(LDAP_DEBUG_TRACE,
+ "str2entry_fast: Invalid DN: %s\n", rawdn);
+ slapi_entry_free( e );
+ if (freeval)
+ slapi_ch_free_string(&value.bv_val);
+ e = NULL;
+ goto done;
+ }
}
}
/* normdn is just referred in slapi_entry_set_rdn. */
@@ -345,7 +354,7 @@ str2entry_fast( const char *rawdn, char *s, int flags, int read_stateinfo )
goto done;
}
/* normdn is consumed in e */
- slapi_entry_set_dn(e, normdn);
+ slapi_entry_set_normdn(e, normdn);
/* the memory below was not allocated by the slapi_ch_ functions */
if (freeval) slapi_ch_free_string(&value.bv_val);
@@ -429,7 +438,6 @@ str2entry_fast( const char *rawdn, char *s, int flags, int read_stateinfo )
if (slapi_attr_is_dn_syntax_attr(*a)) {
int rc = 0;
char *dn_aval = NULL;
- size_t dnlen = 0;
if (strict) {
/* check that the dn is formatted correctly */
rc = slapi_dn_syntax_check(NULL, value.bv_val, 1);
@@ -447,23 +455,14 @@ str2entry_fast( const char *rawdn, char *s, int flags, int read_stateinfo )
dn_aval = slapi_dn_normalize_original(value.bv_val);
slapi_value_set(svalue, dn_aval, strlen(dn_aval));
} else {
- rc = slapi_dn_normalize_ext(value.bv_val,
- value.bv_len, &dn_aval, &dnlen);
- if (rc < 0) {
- /* Give up normalizing the attribute value */
- LDAPDebug2Args(LDAP_DEBUG_TRACE,
- "str2entry_fast: Invalid DN value: %s: %s\n",
- type.bv_val, value.bv_val);
- dn_aval = value.bv_val;
- dnlen = value.bv_len;
- } else if (rc == 0) { /* rc == 0; valuecharptr is passed in;
- not null terminated */
- *(dn_aval + dnlen) = '\0';
- }
- slapi_value_set(svalue, dn_aval, dnlen);
- if (rc > 0) { /* if rc == 0, valuecharptr is passed in */
- slapi_ch_free_string(&dn_aval);
- }
+ Slapi_DN *sdn = slapi_sdn_new_dn_byref(value.bv_val);
+ /* Note: slapi_sdn_get_dn returns normalized DN with
+ * case-intact. Thus, the length of dn_aval is
+ * slapi_sdn_get_ndn_len(sdn). */
+ dn_aval = (char *)slapi_sdn_get_dn(sdn);
+ slapi_value_set(svalue, (void *)dn_aval,
+ slapi_sdn_get_ndn_len(sdn));
+ slapi_sdn_free(&sdn);
}
} else {
slapi_value_set_berval(svalue, &value);
@@ -809,34 +808,42 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int read_stateinfo )
if ( rawdn ) {
if ( NULL == slapi_entry_get_dn_const(e) ) {
- normdn = slapi_create_dn_string("%s", rawdn);
- if (NULL == normdn) {
- LDAPDebug1Arg(LDAP_DEBUG_TRACE,
- "str2entry_dupcheck: Invalid DN: %s\n", rawdn);
- slapi_entry_free( e );
- if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
- csn_free(&attributedeletioncsn);
- csn_free(&maxcsn);
- return NULL;
- }
- /* normdn is consumed in e */
- slapi_entry_set_dn(e, normdn);
- }
- if ( NULL == slapi_entry_get_rdn_const(e) ) {
- if (normdn) {
- /* normdn is just referred in slapi_entry_set_rdn. */
- slapi_entry_set_rdn(e, normdn);
+ if (flags & SLAPI_STR2ENTRY_DN_NORMALIZED) {
+ normdn = slapi_ch_strdup(rawdn);
} else {
normdn = slapi_create_dn_string("%s", rawdn);
if (NULL == normdn) {
LDAPDebug1Arg(LDAP_DEBUG_TRACE,
- "str2entry_dupcheck: Invalid DN: %s\n", rawdn);
+ "str2entry_dupcheck: Invalid DN: %s\n", rawdn);
slapi_entry_free( e );
if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
csn_free(&attributedeletioncsn);
csn_free(&maxcsn);
return NULL;
}
+ }
+ /* normdn is consumed in e */
+ slapi_entry_set_normdn(e, normdn);
+ }
+ if ( NULL == slapi_entry_get_rdn_const(e) ) {
+ if (normdn) {
+ /* normdn is just referred in slapi_entry_set_rdn. */
+ slapi_entry_set_rdn(e, normdn);
+ } else {
+ if (flags & SLAPI_STR2ENTRY_DN_NORMALIZED) {
+ normdn = slapi_ch_strdup(rawdn);
+ } else {
+ normdn = slapi_create_dn_string("%s", rawdn);
+ if (NULL == normdn) {
+ LDAPDebug1Arg(LDAP_DEBUG_TRACE,
+ "str2entry_dupcheck: Invalid DN: %s\n", rawdn);
+ slapi_entry_free( e );
+ if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
+ csn_free(&attributedeletioncsn);
+ csn_free(&maxcsn);
+ return NULL;
+ }
+ }
/* normdn is just referred in slapi_entry_set_rdn. */
slapi_entry_set_rdn(e, normdn);
slapi_ch_free_string(&normdn);
@@ -866,7 +873,7 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int read_stateinfo )
goto free_and_return;
}
/* normdn is consumed in e */
- slapi_entry_set_dn(e, normdn);
+ slapi_entry_set_normdn(e, normdn);
/* the memory below was not allocated by the slapi_ch_ functions */
if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
continue;
@@ -1019,8 +1026,8 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int read_stateinfo )
sa = prev_attr; /* For readability */
value= value_new(NULL, CSN_TYPE_NONE, NULL);
if (slapi_attr_is_dn_syntax_attr(&(sa->sa_attr))) {
- char *dn_aval = NULL;
- size_t dnlen = 0;
+ Slapi_DN *sdn = NULL;
+ const char *dn_aval = NULL;
if (strict) {
/* check that the dn is formatted correctly */
rc = slapi_dn_syntax_check(NULL, valuecharptr, 1);
@@ -1033,22 +1040,13 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int read_stateinfo )
goto free_and_return;
}
}
- rc = slapi_dn_normalize_ext(bvvalue.bv_val, bvvalue.bv_len, &dn_aval, &dnlen);
- if (rc < 0) {
- /* Give up normalizing the attribute value */
- LDAPDebug2Args(LDAP_DEBUG_TRACE,
- "str2entry_dupcheck: Invalid DN value: %s: %s\n",
- type, valuecharptr);
- dn_aval = valuecharptr;
- dnlen = bvvalue.bv_len;
- }
- slapi_value_set(value, dn_aval, dnlen);
- if (rc > 0) { /* if rc == 0, valuecharptr is passed in */
- slapi_ch_free_string(&dn_aval);
- } else if (rc == 0) { /* rc == 0; valuecharptr is passed in;
- not null terminated */
- *(dn_aval + dnlen) = '\0';
- }
+ sdn = slapi_sdn_new_dn_byref(bvvalue.bv_val);
+ /* Note: slapi_sdn_get_dn returns the normalized DN
+ * with case-intact. Thus, the length of dn_aval is
+ * slapi_sdn_get_ndn_len(sdn). */
+ dn_aval = slapi_sdn_get_dn(sdn);
+ slapi_value_set(value, (void *)dn_aval, slapi_sdn_get_ndn_len(sdn));
+ slapi_sdn_free(&sdn);
} else {
slapi_value_set_berval(value, &bvvalue);
}
@@ -1381,19 +1379,19 @@ slapi_str2entry( char *s, int flags )
* NOTE: the first arg "dn" should have been normalized before passing.
*/
Slapi_Entry *
-slapi_str2entry_ext( const char *dn, char *s, int flags )
+slapi_str2entry_ext( const char *normdn, char *s, int flags )
{
Slapi_Entry *e;
int read_stateinfo= ~( flags & SLAPI_STR2ENTRY_IGNORE_STATE );
- if (NULL == dn)
+ if (NULL == normdn)
{
return slapi_str2entry( s, flags );
}
LDAPDebug( LDAP_DEBUG_ARGS,
"slapi_str2entry_ext: flags=0x%x, dn=\"%s\", entry=\"%.50s...\"\n",
- flags, dn, s );
+ flags, normdn, s );
/*
@@ -1404,11 +1402,13 @@ slapi_str2entry_ext( const char *dn, char *s, int flags )
if ( 0 != ( flags & SLAPI_STR2ENTRY_NOT_WELL_FORMED_LDIF ) ||
0 != ( flags & ~SLAPI_STRENTRY_FLAGS_HANDLED_BY_STR2ENTRY_FAST ))
{
- e= str2entry_dupcheck( dn, s, flags, read_stateinfo );
+ e = str2entry_dupcheck( normdn, s,
+ flags|SLAPI_STR2ENTRY_DN_NORMALIZED, read_stateinfo );
}
else
{
- e= str2entry_fast( dn, s, flags, read_stateinfo );
+ e = str2entry_fast( normdn, s,
+ flags|SLAPI_STR2ENTRY_DN_NORMALIZED, read_stateinfo );
}
if (!e)
return e; /* e == NULL */
@@ -1941,15 +1941,30 @@ void
slapi_entry_init(Slapi_Entry *e, char *dn, Slapi_Attr *a)
{
slapi_sdn_set_dn_passin(slapi_entry_get_sdn(e), dn);
- e->e_uniqueid= NULL;
+ e->e_uniqueid= NULL;
e->e_attrs= a;
e->e_dncsnset= NULL;
e->e_maxcsn= NULL;
- e->e_deleted_attrs= NULL;
- e->e_virtual_attrs= NULL;
- e->e_virtual_watermark= 0;
- e->e_virtual_lock= slapi_new_rwlock();
- e->e_flags= 0;
+ e->e_deleted_attrs= NULL;
+ e->e_virtual_attrs= NULL;
+ e->e_virtual_watermark= 0;
+ e->e_virtual_lock= slapi_new_rwlock();
+ e->e_flags= 0;
+}
+
+void
+slapi_entry_init_ext(Slapi_Entry *e, Slapi_DN *sdn, Slapi_Attr *a)
+{
+ slapi_sdn_copy(sdn, slapi_entry_get_sdn(e));
+ e->e_uniqueid= NULL;
+ e->e_attrs= a;
+ e->e_dncsnset= NULL;
+ e->e_maxcsn= NULL;
+ e->e_deleted_attrs= NULL;
+ e->e_virtual_attrs= NULL;
+ e->e_virtual_watermark= 0;
+ e->e_virtual_lock= slapi_new_rwlock();
+ e->e_flags= 0;
}
void
@@ -2004,10 +2019,10 @@ static size_t slapi_dn_size(Slapi_DN *sdn)
if (sdn == NULL) return 0;
if (slapi_sdn_get_dn(sdn)) {
- size += strlen(slapi_sdn_get_dn(sdn)) + 1;
+ size += slapi_sdn_get_ndn_len(sdn) + 1;
}
if (slapi_sdn_get_ndn(sdn)) {
- size += strlen(slapi_sdn_get_ndn(sdn)) + 1;
+ size += slapi_sdn_get_ndn_len(sdn) + 1;
}
return size;
@@ -2182,6 +2197,12 @@ slapi_entry_set_dn( Slapi_Entry *e, char *dn )
slapi_sdn_set_dn_passin(slapi_entry_get_sdn(e),dn);
}
+void
+slapi_entry_set_normdn( Slapi_Entry *e, char *dn )
+{
+ slapi_sdn_set_normdn_passin(slapi_entry_get_sdn(e), dn);
+}
+
/*
* WARNING - The DN is copied.
* The DN could be dn or RDN.
@@ -3166,18 +3187,18 @@ slapi_entry_rename(Slapi_Entry *e, const char *newrdn, int deleteoldrdn, const c
/* Build new DN. If newsuperior is set, just use "newrdn,newsuperior". If
* newsuperior is not set, need to add newrdn to old superior. */
if (newsuperior) {
- newdn = slapi_ch_smprintf("%s,%s", newrdn, newsuperior);
+ newdn = slapi_create_dn_string("%s,%s", newrdn, newsuperior);
} else {
char *oldsuperior = NULL;
oldsuperior = slapi_dn_parent(olddn);
- newdn = slapi_ch_smprintf("%s,%s", newrdn, oldsuperior);
+ newdn = slapi_create_dn_string("%s,%s", newrdn, oldsuperior);
slapi_ch_free_string(&oldsuperior);
}
/* Set the new DN in the entry. This hands off the memory used by newdn to the entry. */
- slapi_entry_set_dn(e, newdn);
+ slapi_entry_set_normdn(e, newdn);
/* Set the RDN in the entry. */
slapi_entry_set_rdn(e, newdn);
@@ -3826,8 +3847,8 @@ slapi_entries_diff(Slapi_Entry **old_entries, Slapi_Entry **curr_entries,
}
if (0 == isfirst && force_update && testall)
{
- slapi_modify_internal_set_pb(&pb,
- slapi_entry_get_dn_const(*oep),
+ slapi_modify_internal_set_pb_ext(&pb,
+ slapi_entry_get_sdn_const(*oep),
slapi_mods_get_ldapmods_byref(smods),
NULL, NULL, plg_id, 0);
diff --git a/ldap/servers/slapd/extendop.c b/ldap/servers/slapd/extendop.c
index 17b2f7b..8f25b27 100644
--- a/ldap/servers/slapd/extendop.c
+++ b/ldap/servers/slapd/extendop.c
@@ -54,8 +54,7 @@ static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid,
struct berval *extval)
{
char *orig = NULL;
- char *suffix = NULL;
- size_t dnlen = 0;
+ const char *suffix = NULL;
Slapi_DN *sdn = NULL;
Slapi_Backend *be = NULL;
struct berval bv;
@@ -84,28 +83,16 @@ static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid,
return;
}
}
- ret = slapi_dn_normalize_ext(orig, 0, &suffix, &dnlen);
- if (ret < 0) {
- LDAPDebug1Arg(LDAP_DEBUG_ANY,
- "extop_handle_import_start: invalid suffix\n", orig);
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid suffix", 0, NULL);
- return;
- } else if (ret > 0) {
- slapi_ch_free_string(&orig);
- } else { /* ret == 0; orig is passed in; not null terminated */
- *(suffix + dnlen) = '\0';
- }
- sdn = slapi_sdn_new_dn_byval(suffix);
+ sdn = slapi_sdn_new_dn_passin(orig);
if (!sdn) {
LDAPDebug(LDAP_DEBUG_ANY,
"extop_handle_import_start: out of memory\n", 0, 0, 0);
send_ldap_result(pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL);
return;
}
+ suffix = slapi_sdn_get_dn(sdn);
/* be = slapi_be_select(sdn); */
be = slapi_mapping_tree_find_backend_for_sdn(sdn);
- slapi_sdn_free(&sdn);
if (be == NULL || be == defbackend_get_backend()) {
/* might be instance name instead of suffix */
be = slapi_be_select_by_instance_name(suffix);
@@ -191,7 +178,7 @@ static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid,
"Bulk import: begin import on '%s'.\n", suffix, 0, 0);
out:
- slapi_ch_free((void **)&suffix);
+ slapi_sdn_free(&sdn);
return;
}
diff --git a/ldap/servers/slapd/fedse.c b/ldap/servers/slapd/fedse.c
index 8a61e72..ab94628 100644
--- a/ldap/servers/slapd/fedse.c
+++ b/ldap/servers/slapd/fedse.c
@@ -1562,7 +1562,7 @@ internal_add_helper(Slapi_Entry *e, int dont_write_file)
slapi_add_entry_internal_set_pb(&newpb, e, NULL,
plugin_get_default_component_id(),
plugin_actions);
- slapi_pblock_set(&newpb, SLAPI_TARGET_DN, (void*)slapi_entry_get_dn_const(e));
+ slapi_pblock_set(&newpb, SLAPI_TARGET_SDN, (void*)slapi_entry_get_sdn_const(e));
slapi_pblock_set(&newpb, SLAPI_DSE_DONT_WRITE_WHEN_ADDING,
(void *)&dont_write_file);
slapi_pblock_get(&newpb, SLAPI_OPERATION, &op);
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 928d648..b9beafb 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -1489,8 +1489,9 @@ int config_set_anon_limits_dn( const char *attrname, char *value, char *errorbuf
CFG_LOCK_WRITE(slapdFrontendConfig);
slapi_ch_free ( (void **) &(slapdFrontendConfig->anon_limits_dn) );
- slapdFrontendConfig->anon_limits_dn = slapi_ch_strdup ( value );
- CFG_UNLOCK_WRITE(slapdFrontendConfig);
+ slapdFrontendConfig->anon_limits_dn =
+ slapi_create_dn_string("%s", value);
+ CFG_UNLOCK_WRITE(slapdFrontendConfig);
}
return retVal;
}
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
index 059cf33..ffcdbab 100644
--- a/ldap/servers/slapd/main.c
+++ b/ldap/servers/slapd/main.c
@@ -1644,14 +1644,22 @@ process_command_line(int argc, char **argv, char *myname,
break;
case 's': /* which suffix to include in import/export */
{
- char *s= slapi_dn_normalize ( slapi_ch_strdup(optarg_ext) );
- charray_add(&db2ldif_include,s);
+ int rc = charray_normdn_add(&db2ldif_include, optarg_ext, NULL);
+ if (rc < 0) {
+ fprintf(stderr, "Invalid dn: -s %s\n", optarg_ext);
+ usage(myname, *extraname);
+ exit(1);
+ }
}
break;
case 'x': /* which suffix to exclude in import/export */
{
- char *s= slapi_dn_normalize ( slapi_ch_strdup(optarg_ext) );
- charray_add(&db2ldif_exclude,s);
+ int rc = charray_normdn_add(&db2ldif_exclude, optarg_ext, NULL);
+ if (rc < 0) {
+ fprintf(stderr, "Invalid dn: -x %s\n", optarg_ext);
+ usage(myname, *extraname);
+ exit(1);
+ }
}
break;
case 'r': /* db2ldif for replication */
diff --git a/ldap/servers/slapd/mapping_tree.c b/ldap/servers/slapd/mapping_tree.c
index cc007df..64a00bf 100644
--- a/ldap/servers/slapd/mapping_tree.c
+++ b/ldap/servers/slapd/mapping_tree.c
@@ -245,7 +245,7 @@ Slapi_DN* slapi_mtn_get_dn(mapping_tree_node *node)
/* this will turn an array of url into a referral entry */
static Slapi_Entry *
-referral2entry(char ** url_array, const char *target)
+referral2entry(char ** url_array, Slapi_DN *target_sdn)
{
int i;
struct berval bv0,bv1,*bvals[3];
@@ -255,7 +255,7 @@ referral2entry(char ** url_array, const char *target)
return NULL;
anEntry = slapi_entry_alloc();
- slapi_entry_set_dn(anEntry,slapi_ch_strdup(target));
+ slapi_entry_set_sdn(anEntry, target_sdn);
bvals[2]=NULL;
bvals[1]=&bv1;
@@ -309,7 +309,7 @@ mapping_tree_node_new(Slapi_DN *dn, Slapi_Backend **be, char **backend_names, in
node->mtn_be_states = be_states;
node->mtn_backend_names = backend_names;
node->mtn_referral = referral;
- node->mtn_referral_entry = referral2entry(referral, slapi_sdn_get_dn(dn)) ;
+ node->mtn_referral_entry = referral2entry(referral, dn) ;
node->mtn_parent = parent;
node->mtn_children = NULL;
node->mtn_brother = NULL;
@@ -386,8 +386,7 @@ get_parent_from_entry(Slapi_Entry * entry)
*ptr = '\0';
}
}
- parent_sdn =
- slapi_sdn_new_dn_passin(slapi_create_dn_string("%s", parent));
+ parent_sdn = slapi_sdn_new_dn_passin(slapi_ch_smprintf("%s", parent));
slapi_ch_free_string(&origparent);
}
@@ -433,7 +432,7 @@ get_subtree_from_entry(Slapi_Entry * entry)
*ptr = '\0';
}
}
- subtree = slapi_sdn_new_dn_passin(slapi_create_dn_string("%s", cn));
+ subtree = slapi_sdn_new_dn_passin(slapi_ch_smprintf("%s", cn));
slapi_ch_free_string(&origcn);
}
@@ -1240,8 +1239,7 @@ int mapping_tree_entry_modify_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefor
mtn_free_referral_in_node(node);
referral = mtn_get_referral_from_entry(entryAfter);
node->mtn_referral = referral;
- node->mtn_referral_entry =
- referral2entry(referral, slapi_sdn_get_dn(subtree));
+ node->mtn_referral_entry = referral2entry(referral, subtree);
} else if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op))
{
/* it is not OK to delete the referrals if they are still
@@ -2128,8 +2126,7 @@ int slapi_mapping_tree_select_all(Slapi_PBlock *pb, Slapi_Backend **be_list,
Slapi_Backend * be;
Slapi_Entry * referral;
int scope = LDAP_SCOPE_BASE;
- Slapi_DN sdn;
- char *base;
+ Slapi_DN *sdn = NULL;
int flag_partial_result = 0;
int op_type;
@@ -2142,8 +2139,11 @@ int slapi_mapping_tree_select_all(Slapi_PBlock *pb, Slapi_Backend **be_list,
}
/* get the operational parameters */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
- slapi_sdn_init_dn_ndn_byref(&sdn, base); /* normalized in opshared.c */
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ if (NULL == sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL, "Error: Null target DN");
+ return LDAP_OPERATIONS_ERROR;
+ }
slapi_pblock_get(pb, SLAPI_OPERATION, &op);
target_sdn = operation_get_target_spec (op);
slapi_pblock_get(pb, SLAPI_OPERATION_TYPE, &op_type);
@@ -2188,8 +2188,8 @@ int slapi_mapping_tree_select_all(Slapi_PBlock *pb, Slapi_Backend **be_list,
/* flag we have problems at least on part of the tree */
flag_partial_result = 1;
}
- else if ( ( ((!slapi_sdn_issuffix(&sdn, slapi_mtn_get_dn(node))
- && !slapi_sdn_issuffix(slapi_mtn_get_dn(node), &sdn)))
+ else if ( ( ((!slapi_sdn_issuffix(sdn, slapi_mtn_get_dn(node))
+ && !slapi_sdn_issuffix(slapi_mtn_get_dn(node), sdn)))
|| ((node_list == mapping_tree_root) && node->mtn_private
&& (scope != LDAP_SCOPE_BASE)) )
&& (!be || strncmp(be->be_name, "default", 8)))
@@ -2238,7 +2238,6 @@ int slapi_mapping_tree_select_all(Slapi_PBlock *pb, Slapi_Backend **be_list,
&referral, errorbuf, scope);
}
mtn_unlock();
- slapi_sdn_done(&sdn);
be_list[be_index] = NULL;
referral_list[referral_index] = NULL;
@@ -2839,8 +2838,8 @@ slapi_get_mapping_tree_node_configdn (const Slapi_DN *root)
return NULL;
/* This function converts the old DN style to the new one. */
- dn = slapi_create_dn_string("cn=\"%s\",%s",
- slapi_sdn_get_dn(root), MAPPING_TREE_BASE_DN);
+ dn = slapi_ch_smprintf("cn=\"%s\",%s",
+ slapi_sdn_get_ndn(root), MAPPING_TREE_BASE_DN);
if (NULL == dn) {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
"slapi_get_mapping_tree_node_configdn: "
@@ -2852,6 +2851,35 @@ slapi_get_mapping_tree_node_configdn (const Slapi_DN *root)
return dn;
}
+Slapi_DN *
+slapi_get_mapping_tree_node_configsdn (const Slapi_DN *root)
+{
+ char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+
+ if(mapping_tree_freed){
+ /* shutdown detected */
+ return NULL;
+ }
+ if (root == NULL)
+ return NULL;
+
+ /* This function converts the old DN style to the new one. */
+ dn = slapi_ch_smprintf("cn=\"%s\",%s",
+ slapi_sdn_get_dn(root), MAPPING_TREE_BASE_DN);
+ if (NULL == dn) {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "slapi_get_mapping_tree_node_configsdn: "
+ "failed to crate mapping tree dn for %s\n",
+ slapi_sdn_get_dn(root));
+ return NULL;
+ }
+
+ sdn = slapi_sdn_new_dn_passin(dn);
+
+ return sdn;
+}
+
/*
* Description: this function returns root of the subtree to which the node applies
*
@@ -3122,13 +3150,13 @@ slapi_mtn_set_referral(const Slapi_DN *sdn, char ** referral)
Slapi_PBlock pb;
Slapi_Mods smods;
int rc = LDAP_SUCCESS,i = 0, j = 0;
- char * node_dn;
+ Slapi_DN* node_sdn;
char **values = NULL;
int do_modify = 0;
slapi_mods_init (&smods, 0);
- node_dn = slapi_get_mapping_tree_node_configdn(sdn);
- if(!node_dn){
+ node_sdn = slapi_get_mapping_tree_node_configsdn(sdn);
+ if(!node_sdn){
/* shutdown has been detected */
return LDAP_OPERATIONS_ERROR;
}
@@ -3192,7 +3220,7 @@ slapi_mtn_set_referral(const Slapi_DN *sdn, char ** referral)
if ( do_modify )
{
pblock_init (&pb);
- slapi_modify_internal_set_pb (&pb, node_dn,
+ slapi_modify_internal_set_pb_ext (&pb, node_sdn,
slapi_mods_get_ldapmods_byref(&smods), NULL,
NULL, (void *) plugin_get_default_component_id(), 0);
slapi_modify_internal_pb (&pb);
@@ -3202,7 +3230,7 @@ slapi_mtn_set_referral(const Slapi_DN *sdn, char ** referral)
}
slapi_mods_done(&smods);
- slapi_ch_free_string(&node_dn);
+ slapi_sdn_free(&node_sdn);
return rc;
}
@@ -3220,15 +3248,15 @@ slapi_mtn_set_state(const Slapi_DN *sdn, char *state)
Slapi_PBlock pb;
Slapi_Mods smods;
int rc = LDAP_SUCCESS;
- char * node_dn;
+ Slapi_DN *node_sdn;
char * value;
if (NULL == state) {
return LDAP_OPERATIONS_ERROR;
}
- node_dn = slapi_get_mapping_tree_node_configdn(sdn);
- if(!node_dn){
+ node_sdn = slapi_get_mapping_tree_node_configsdn(sdn);
+ if(!node_sdn){
/* shutdown has been detected */
return LDAP_OPERATIONS_ERROR;
}
@@ -3246,7 +3274,7 @@ slapi_mtn_set_state(const Slapi_DN *sdn, char *state)
slapi_mods_init (&smods, 1);
slapi_mods_add(&smods, LDAP_MOD_REPLACE, "nsslapd-state", strlen(state), state);
pblock_init (&pb);
- slapi_modify_internal_set_pb (&pb, node_dn,
+ slapi_modify_internal_set_pb_ext (&pb, node_sdn,
slapi_mods_get_ldapmods_byref(&smods), NULL,
NULL, (void *) plugin_get_default_component_id(), 0);
slapi_modify_internal_pb (&pb);
@@ -3257,7 +3285,7 @@ slapi_mtn_set_state(const Slapi_DN *sdn, char *state)
pblock_done(&pb);
bail:
slapi_ch_free_string(&value);
- slapi_ch_free_string(&node_dn);
+ slapi_sdn_free(&node_sdn);
return rc;
}
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index e240237..45e55b2 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -138,7 +138,7 @@ do_modify( Slapi_PBlock *pb )
int ignored_some_mods = 0;
int has_password_mod = 0; /* number of password mods */
char *old_pw = NULL; /* remember the old password */
- char *dn = NULL;
+ char *rawdn = NULL;
LDAPDebug( LDAP_DEBUG_TRACE, "do_modify\n", 0, 0, 0 );
@@ -168,8 +168,6 @@ do_modify( Slapi_PBlock *pb )
*/
{
- char *rawdn = NULL;
- size_t dnlen = 0;
int rc = 0;
if ( ber_scanf( ber, "{a", &rawdn ) == LBER_ERROR )
{
@@ -193,24 +191,12 @@ do_modify( Slapi_PBlock *pb )
return;
}
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "MOD", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free((void **) &rawdn);
- return;
- } else if (rc > 0) { /* if rc == 0, rawdn is passed in */
- slapi_ch_free_string(&rawdn);
- } else { /* rc == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
- }
}
- LDAPDebug( LDAP_DEBUG_ARGS, "do_modify: dn (%s)\n", dn, 0, 0 );
+ LDAPDebug( LDAP_DEBUG_ARGS, "do_modify: dn (%s)\n", rawdn, 0, 0 );
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &pb->pb_op->o_isroot);
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn );
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, rawdn );
/* collect modifications & save for later */
slapi_mods_init(&smods, 0);
@@ -227,7 +213,7 @@ do_modify( Slapi_PBlock *pb )
if ( ber_scanf( ber, "{i{a[V]}}", &mod_op, &type,
&mod->mod_bvalues ) == LBER_ERROR )
{
- op_shared_log_error_access (pb, "MOD", dn, "decoding error");
+ op_shared_log_error_access (pb, "MOD", rawdn, "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"decoding error", 0, NULL );
ber_bvecfree(mod->mod_bvalues);
@@ -240,7 +226,7 @@ do_modify( Slapi_PBlock *pb )
if ( !mod->mod_type || !*mod->mod_type ) {
char ebuf[BUFSIZ];
PR_snprintf (ebuf, BUFSIZ, "invalid type '%s'", type);
- op_shared_log_error_access (pb, "MOD", dn, ebuf);
+ op_shared_log_error_access (pb, "MOD", rawdn, ebuf);
send_ldap_result( pb, LDAP_INVALID_SYNTAX, NULL, ebuf, 0, NULL );
slapi_ch_free((void **)&type);
ber_bvecfree(mod->mod_bvalues);
@@ -254,7 +240,7 @@ do_modify( Slapi_PBlock *pb )
mod->mod_op != LDAP_MOD_DELETE &&
mod->mod_op != LDAP_MOD_REPLACE )
{
- op_shared_log_error_access (pb, "MOD", dn, "unrecognized modify operation");
+ op_shared_log_error_access (pb, "MOD", rawdn, "unrecognized modify operation");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"unrecognized modify operation", 0, NULL );
ber_bvecfree(mod->mod_bvalues);
@@ -267,7 +253,7 @@ do_modify( Slapi_PBlock *pb )
&& mod->mod_op != LDAP_MOD_DELETE
&& mod->mod_op != LDAP_MOD_REPLACE )
{
- op_shared_log_error_access (pb, "MOD", dn, "no values given");
+ op_shared_log_error_access (pb, "MOD", rawdn, "no values given");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"no values given", 0, NULL );
ber_bvecfree(mod->mod_bvalues);
@@ -317,7 +303,7 @@ do_modify( Slapi_PBlock *pb )
if ( ( len == 0 ) && ( 0 == smods.num_elements ) && !ignored_some_mods ) {
/* ok - empty modify - allow empty modifies */
} else if ( len != -1 ) {
- op_shared_log_error_access (pb, "MOD", dn, "decoding error");
+ op_shared_log_error_access (pb, "MOD", rawdn, "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL, "decoding error", 0, NULL );
goto free_and_return;
}
@@ -326,7 +312,7 @@ do_modify( Slapi_PBlock *pb )
#else
if ( tag != LBER_END_OF_SEQORSET )
{
- op_shared_log_error_access (pb, "MOD", dn, "decoding error");
+ op_shared_log_error_access (pb, "MOD", rawdn, "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL, "decoding error", 0, NULL );
goto free_and_return;
}
@@ -335,7 +321,7 @@ do_modify( Slapi_PBlock *pb )
/* decode the optional controls - put them in the pblock */
if ( (err = get_ldapmessage_controls( pb, ber, NULL )) != 0 )
{
- op_shared_log_error_access (pb, "MOD", dn, "failed to decode LDAP controls");
+ op_shared_log_error_access (pb, "MOD", rawdn, "failed to decode LDAP controls");
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
}
@@ -362,7 +348,7 @@ do_modify( Slapi_PBlock *pb )
pb->pb_conn->c_needpw && pw_change == 0 )
{
(void)slapi_add_pwd_control ( pb, LDAP_CONTROL_PWEXPIRED, 0);
- op_shared_log_error_access (pb, "MOD", dn, "need new password");
+ op_shared_log_error_access (pb, "MOD", rawdn, "need new password");
send_ldap_result( pb, LDAP_UNWILLING_TO_PERFORM, NULL, NULL, 0, NULL );
goto free_and_return;
}
@@ -387,7 +373,7 @@ do_modify( Slapi_PBlock *pb )
ldap_mods_free (mods, 1 /* Free the Array and the Elements */);
free_and_return:;
- slapi_ch_free ((void**)&dn);
+ slapi_ch_free ((void**)&rawdn);
slapi_mods_done(&smods);
}
@@ -452,8 +438,12 @@ int slapi_modify_internal_pb (Slapi_PBlock *pb)
}
/* Initialize a pblock for a call to slapi_modify_internal_pb() */
-void slapi_modify_internal_set_pb (Slapi_PBlock *pb, const char *dn, LDAPMod **mods, LDAPControl **controls,
- const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags)
+void
+slapi_modify_internal_set_pb (Slapi_PBlock *pb, const char *dn,
+ LDAPMod **mods, LDAPControl **controls,
+ const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
{
Operation *op;
PR_ASSERT (pb != NULL);
@@ -464,10 +454,40 @@ void slapi_modify_internal_set_pb (Slapi_PBlock *pb, const char *dn, LDAPMod **m
return;
}
- op= internal_operation_new(SLAPI_OPERATION_MODIFY,operation_flags);
+ op= internal_operation_new(SLAPI_OPERATION_MODIFY,operation_flags);
slapi_pblock_set(pb, SLAPI_OPERATION, op);
slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET, (void*)dn);
- slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods);
+ slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods);
+ slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
+ if (uniqueid)
+ {
+ slapi_pblock_set(pb, SLAPI_TARGET_UNIQUEID, (void*)uniqueid);
+ }
+ slapi_pblock_set(pb, SLAPI_PLUGIN_IDENTITY, plugin_identity);
+}
+
+/* Initialize a pblock for a call to slapi_modify_internal_pb() */
+void
+slapi_modify_internal_set_pb_ext(Slapi_PBlock *pb, const Slapi_DN *sdn,
+ LDAPMod **mods, LDAPControl **controls,
+ const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
+{
+ Operation *op;
+ PR_ASSERT (pb != NULL);
+ if (pb == NULL || sdn == NULL || mods == NULL)
+ {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "slapi_modify_internal_set_pb: NULL parameter\n");
+ return;
+ }
+
+ op= internal_operation_new(SLAPI_OPERATION_MODIFY,operation_flags);
+ slapi_pblock_set(pb, SLAPI_OPERATION, op);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET, (void *)slapi_sdn_get_dn(sdn));
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, (void *)sdn);
+ slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods);
slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
if (uniqueid)
{
@@ -583,8 +603,10 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
Slapi_Entry *referral;
Slapi_Entry *e = NULL;
char ebuf[BUFSIZ];
- char *dn;
- Slapi_DN sdn;
+ char *dn = NULL;
+ char *normdn = NULL;
+ Slapi_DN *sdn = NULL;
+ int passin_sdn = 0;
LDAPMod **mods, *pw_mod, **tmpmods = NULL;
Slapi_Mods smods;
Slapi_Mods unhashed_pw_smod;
@@ -601,6 +623,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
char *errtext = NULL;
slapi_pblock_get (pb, SLAPI_ORIGINAL_TARGET, &dn);
+ slapi_pblock_get (pb, SLAPI_MODIFY_TARGET_SDN, &sdn);
slapi_pblock_get (pb, SLAPI_MODIFY_MODS, &mods);
slapi_pblock_get (pb, SLAPI_MODIFY_MODS, &tmpmods);
slapi_pblock_get (pb, SLAPI_IS_REPLICATED_OPERATION, &repl_op);
@@ -608,23 +631,27 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
slapi_pblock_get (pb, SLAPI_SKIP_MODIFIED_ATTRS, &skip_modified_attrs);
- if (dn == NULL)
- {
- slapi_sdn_init_dn_byref (&sdn, "");
+ if (sdn) {
+ passin_sdn = 1;
+ } else {
+ sdn = slapi_sdn_new_dn_byval(dn);
+ slapi_pblock_set(pb, SLAPI_MODIFY_TARGET_SDN, (void*)sdn);
}
- else
- {
- slapi_sdn_init_dn_byref (&sdn, dn);
+ normdn = (char *)slapi_sdn_get_dn(sdn);
+ if (dn && (strlen(dn) > 0) && (NULL == normdn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "MOD", dn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid dn", 0, NULL);
+ goto free_and_return;
}
- slapi_pblock_set(pb, SLAPI_MODIFY_TARGET, (void*)slapi_sdn_get_ndn (&sdn));
-
- slapi_mods_init_passin (&smods, mods);
+ slapi_mods_init_passin (&smods, mods);
slapi_mods_init(&unhashed_pw_smod, 0);
/* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (pb->pb_op, &sdn);
+ operation_set_target_spec (pb->pb_op, sdn);
/* get the proxy auth dn if the proxy auth control is present */
proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext);
@@ -643,7 +670,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
slapi_log_access(LDAP_DEBUG_STATS, "conn=%" NSPRIu64 " op=%d MOD dn=\"%s\"%s\n",
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
- escape_string(slapi_sdn_get_dn(&sdn), ebuf),
+ escape_string(slapi_sdn_get_dn(sdn), ebuf),
proxystr ? proxystr : "");
}
else
@@ -651,7 +678,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
slapi_log_access(LDAP_DEBUG_ARGS, "conn=%s op=%d MOD dn=\"%s\"%s\n",
LOG_INTERNAL_OP_CON_ID,
LOG_INTERNAL_OP_OP_ID,
- escape_string(slapi_sdn_get_dn(&sdn), ebuf),
+ escape_string(slapi_sdn_get_dn(sdn), ebuf),
proxystr ? proxystr : "");
}
@@ -702,8 +729,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
* 2. If yes, then if the mods contain any passwdpolicy specific attributes.
* 3. If yes, then it invokes corrosponding checking function.
*/
- if ( !repl_op && !internal_op && dn &&
- (e = get_entry(pb, slapi_dn_normalize(dn))) )
+ if ( !repl_op && !internal_op && normdn && (e = get_entry(pb, normdn)) )
{
Slapi_Value target;
slapi_value_init(&target);
@@ -785,7 +811,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
valuearray_init_bervalarray(pw_mod->mod_bvalues, &va);
/* encode password */
- pw_encodevals_ext(pb, &sdn, va);
+ pw_encodevals_ext(pb, sdn, va);
/* remove current clear value of userpassword */
ber_bvecfree(pw_mod->mod_bvalues);
@@ -937,13 +963,17 @@ free_and_return:
if (be)
slapi_be_Unlock(be);
- slapi_sdn_done(&sdn);
slapi_mods_done(&unhashed_pw_smod); /* can finalize now */
if (unhashed_pw_attr)
slapi_ch_free ((void**)&unhashed_pw_attr);
slapi_ch_free_string(&proxydn);
+
+ slapi_pblock_get(pb, SLAPI_MODIFY_TARGET_SDN, &sdn);
+ if (!passin_sdn) {
+ slapi_sdn_free(&sdn);
+ }
}
static void remove_mod (Slapi_Mods *smods, const char *type, Slapi_Mods *smod_unhashed)
diff --git a/ldap/servers/slapd/modrdn.c b/ldap/servers/slapd/modrdn.c
index 24e444c..a7bb1a6 100644
--- a/ldap/servers/slapd/modrdn.c
+++ b/ldap/servers/slapd/modrdn.c
@@ -73,17 +73,16 @@ do_modrdn( Slapi_PBlock *pb )
Slapi_Operation *operation;
BerElement *ber;
char *rawdn = NULL, *rawnewsuperior = NULL;
- char *dn = NULL, *newsuperior = NULL;
+ const char *dn = NULL, *newsuperior = NULL;
char *rawnewrdn = NULL;
char *newrdn = NULL;
int err = 0, deloldrdn = 0;
ber_len_t len = 0;
- size_t dnlen = 0;
char *newdn = NULL;
char *parent = NULL;
- Slapi_DN sdn = {0};
- Slapi_DN snewdn = {0};
- Slapi_DN snewsuperior = {0};
+ Slapi_DN sdn;
+ Slapi_DN snewdn;
+ Slapi_DN *snewsuperior = NULL;
LDAPDebug( LDAP_DEBUG_TRACE, "do_modrdn\n", 0, 0, 0 );
@@ -93,6 +92,9 @@ do_modrdn( Slapi_PBlock *pb )
slapi_pblock_get( pb, SLAPI_OPERATION, &operation);
ber = operation->o_ber;
+ slapi_sdn_init(&sdn);
+ slapi_sdn_init(&snewdn);
+
/*
* Parse the modrdn request. It looks like this:
*
@@ -169,34 +171,29 @@ do_modrdn( Slapi_PBlock *pb )
goto free_and_return;
}
}
- err = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (err < 0) {
- op_shared_log_error_access(pb, "MODRDN", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free_string( &rawdn );
+ slapi_sdn_init_dn_passin(&sdn, rawdn);
+ dn = slapi_sdn_get_dn(&sdn);
+ if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "MODRDN", rawdn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid dn", 0, NULL);
slapi_ch_free_string( &rawnewrdn );
slapi_ch_free_string( &rawnewsuperior );
goto free_and_return;
- } else if (err > 0) {
- slapi_ch_free((void **) &rawdn);
- } else { /* err == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
}
- err = slapi_dn_normalize_ext(rawnewrdn, 0, &newrdn, &dnlen);
- if (err < 0) {
- op_shared_log_error_access(pb, "MODRDN", rawnewrdn?rawnewrdn:"",
- "invalid new rdn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid new rdn", 0, NULL);
+ newrdn = slapi_create_dn_string("%s", rawnewrdn);
+ if (rawnewrdn && (NULL == newrdn)) {
+ op_shared_log_error_access(pb, "MODRDN", rawnewrdn, "invalid newrdn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
+ NULL, "invalid newrdn", 0, NULL);
slapi_ch_free_string( &rawnewrdn );
slapi_ch_free_string( &rawnewsuperior );
goto free_and_return;
- } else if (err > 0) {
- slapi_ch_free((void **) &rawnewrdn);
- } else { /* err == 0; rawnewdn is passed in; not null terminated */
- *(newrdn + dnlen) = '\0';
}
+ slapi_dn_ignore_case( newrdn );
+ slapi_ch_free_string( &rawnewrdn );
+
if (rawnewsuperior) {
if (config_get_dn_validate_strict()) {
/* check that the dn is formatted correctly */
@@ -210,19 +207,8 @@ do_modrdn( Slapi_PBlock *pb )
goto free_and_return;
}
}
- err = slapi_dn_normalize_ext(rawnewsuperior, 0, &newsuperior, &dnlen);
- if (err < 0) {
- op_shared_log_error_access(pb, "MODRDN", rawnewsuperior,
- "invalid new superior");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid new superior", 0, NULL);
- slapi_ch_free_string( &rawnewsuperior);
- goto free_and_return;
- } else if (err > 0) {
- slapi_ch_free((void **) &rawnewsuperior);
- } else { /* err == 0; rawnewsuperior is passed in; not terminated */
- *(newsuperior + dnlen) = '\0';
- }
+ snewsuperior = slapi_sdn_new_dn_passin(rawnewsuperior);
+ newsuperior = slapi_sdn_get_dn(snewsuperior);
}
/*
@@ -230,27 +216,24 @@ do_modrdn( Slapi_PBlock *pb )
* Note: need to check the case newrdn is given, and newsuperior
* uses the newrdn, as well.
*/
- /* Both newrdn and dn are already normalized. */
- parent = slapi_dn_parent(dn);
+ parent = slapi_dn_parent(slapi_sdn_get_ndn(&sdn));
newdn = slapi_ch_smprintf("%s,%s", newrdn, parent);
- slapi_sdn_set_dn_byref(&sdn, dn);
- slapi_sdn_set_dn_byref(&snewdn, newdn);
- slapi_sdn_set_dn_byref(&snewsuperior, newsuperior);
- if (0 == slapi_sdn_compare(&sdn, &snewsuperior) ||
- 0 == slapi_sdn_compare(&snewdn, &snewsuperior)) {
- op_shared_log_error_access(pb, "MODRDN", rawnewsuperior,
+ slapi_sdn_init_normdn_passin(&snewdn, newdn); /* newdn is normalized */
+ if (0 == slapi_sdn_compare(&sdn, snewsuperior) ||
+ 0 == slapi_sdn_compare(&snewdn, snewsuperior)) {
+ op_shared_log_error_access(pb, "MODRDN", newsuperior,
"new superior is identical to the entry dn");
send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,
"new superior is identical to the entry dn", 0, NULL);
goto free_and_return;
}
- if (slapi_sdn_issuffix(&snewsuperior, &sdn) ||
- slapi_sdn_issuffix(&snewsuperior, &snewdn)) {
+ if (slapi_sdn_issuffix(snewsuperior, &sdn) ||
+ slapi_sdn_issuffix(snewsuperior, &snewdn)) {
/* E.g.,
* newsuperior: ou=sub,ou=people,dc=example,dc=com
* dn: ou=people,dc=example,dc=com
*/
- op_shared_log_error_access(pb, "MODRDN", rawnewsuperior,
+ op_shared_log_error_access(pb, "MODRDN", newsuperior,
"new superior is descendent of the entry");
send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,
"new superior is descendent of the entry", 0, NULL);
@@ -273,24 +256,22 @@ do_modrdn( Slapi_PBlock *pb )
deloldrdn );
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &pb->pb_op->o_isroot );
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn );
- slapi_pblock_set( pb, SLAPI_MODRDN_NEWRDN, newrdn );
- slapi_pblock_set( pb, SLAPI_MODRDN_NEWSUPERIOR, newsuperior );
+ /* dn, newrdn and newsuperior are all normalized */
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET,
+ (void *)slapi_sdn_get_udn(&sdn) );
+ slapi_pblock_set( pb, SLAPI_MODRDN_TARGET_SDN, &sdn );
+ slapi_pblock_set( pb, SLAPI_MODRDN_NEWRDN, (void *)newrdn );
+ slapi_pblock_set( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, (void *)snewsuperior );
slapi_pblock_set( pb, SLAPI_MODRDN_DELOLDRDN, &deloldrdn );
- op_shared_rename(pb, 1 /* pass in ownership of string arguments */ );
- goto ok_return;
+ op_shared_rename(pb, 0 /* do not pass in ownership of string arguments */ );
free_and_return:
- slapi_ch_free_string( &dn );
- slapi_ch_free_string( &newrdn );
- slapi_ch_free_string( &newsuperior );
-ok_return:
slapi_sdn_done(&sdn);
+ slapi_ch_free_string(&newrdn);
+ slapi_sdn_free(&snewsuperior);
slapi_sdn_done(&snewdn);
- slapi_sdn_done(&snewsuperior);
slapi_ch_free_string(&parent);
- slapi_ch_free_string(&newdn);
return;
}
@@ -311,20 +292,28 @@ slapi_rename_internal(const char *iodn, const char *inewrdn, const char *inewsup
Slapi_PBlock pb;
Slapi_PBlock *result_pb = NULL;
int opresult= 0;
+ Slapi_DN sdn;
+ Slapi_DN newsuperiorsdn;
pblock_init (&pb);
- slapi_rename_internal_set_pb (&pb, iodn, inewrdn, inewsuperior, deloldrdn,
- controls, NULL, plugin_get_default_component_id(), 0);
+ slapi_sdn_init_dn_byref(&sdn, iodn);
+ slapi_sdn_init_dn_byref(&newsuperiorsdn, inewsuperior);
+
+ slapi_rename_internal_set_pb_ext(&pb, &sdn, inewrdn, &newsuperiorsdn,
+ deloldrdn, controls, NULL,
+ plugin_get_default_component_id(), 0);
rename_internal_pb (&pb);
result_pb = slapi_pblock_new();
- if (result_pb)
- {
- slapi_pblock_get(&pb, SLAPI_PLUGIN_INTOP_RESULT, &opresult);
- slapi_pblock_set(result_pb, SLAPI_PLUGIN_INTOP_RESULT, &opresult);
+ if (result_pb) {
+ slapi_pblock_get(&pb, SLAPI_PLUGIN_INTOP_RESULT, &opresult);
+ slapi_pblock_set(result_pb, SLAPI_PLUGIN_INTOP_RESULT, &opresult);
}
- pblock_done(&pb);
+
+ slapi_sdn_done(&sdn);
+ slapi_sdn_done(&newsuperiorsdn);
+ pblock_done(&pb);
return result_pb;
}
@@ -352,32 +341,39 @@ int slapi_modrdn_internal_pb (Slapi_PBlock *pb)
return rename_internal_pb (pb);
}
-/* Initialize a pblock for a call to slapi_modrdn_internal_pb() */
-void slapi_rename_internal_set_pb (Slapi_PBlock *pb, const char *olddn, const char *newrdn, const char *newsuperior, int deloldrdn,
- LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags)
+void
+slapi_rename_internal_set_pb_ext(Slapi_PBlock *pb,
+ const Slapi_DN *olddn,
+ const char *newrdn, /* normalized */
+ const Slapi_DN *newsuperior, int deloldrdn,
+ LDAPControl **controls, const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
{
- Operation *op;
- PR_ASSERT (pb != NULL);
- if (pb == NULL || olddn == NULL || newrdn == NULL)
- {
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
- "slapi_rename_internal_set_pb: NULL parameter\n");
- return;
- }
+ Operation *op;
+ PR_ASSERT (pb != NULL);
+ if (pb == NULL || olddn == NULL || newrdn == NULL)
+ {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "slapi_rename_internal_set_pb: NULL parameter\n");
+ return;
+ }
- op= internal_operation_new(SLAPI_OPERATION_MODRDN,operation_flags);
- slapi_pblock_set(pb, SLAPI_OPERATION, op);
- slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET, (void*)olddn);
+ op = internal_operation_new(SLAPI_OPERATION_MODRDN,operation_flags);
+ slapi_pblock_set(pb, SLAPI_OPERATION, op);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET,
+ (void*)slapi_sdn_get_dn(olddn));
+ slapi_pblock_set(pb, SLAPI_MODRDN_TARGET_SDN, (void*)olddn);
slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, (void*)newrdn);
- slapi_pblock_set(pb, SLAPI_MODRDN_NEWSUPERIOR, (void*)newsuperior);
+ slapi_pblock_set(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, (void*)newsuperior);
slapi_pblock_set(pb, SLAPI_MODRDN_DELOLDRDN, &deloldrdn);
- slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
- slapi_pblock_set(pb, SLAPI_MODIFY_MODS, NULL);
- if (uniqueid)
- {
- slapi_pblock_set(pb, SLAPI_TARGET_UNIQUEID, (void*)uniqueid);
- }
- slapi_pblock_set(pb, SLAPI_PLUGIN_IDENTITY, plugin_identity);
+ slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
+ slapi_pblock_set(pb, SLAPI_MODIFY_MODS, NULL);
+ if (uniqueid)
+ {
+ slapi_pblock_set(pb, SLAPI_TARGET_UNIQUEID, (void*)uniqueid);
+ }
+ slapi_pblock_set(pb, SLAPI_PLUGIN_IDENTITY, plugin_identity);
}
/* Helper functions */
@@ -418,18 +414,19 @@ static int rename_internal_pb (Slapi_PBlock *pb)
* Beware: this function resets the following pblock elements that were
* set by the caller:
*
- * SLAPI_MODRDN_TARGET
+ * SLAPI_MODRDN_TARGET_SDN
* SLAPI_MODRDN_NEWRDN
- * SLAPI_MODRDN_NEWSUPERIOR
+ * SLAPI_MODRDN_NEWSUPERIOR_SDN
*/
static void
op_shared_rename(Slapi_PBlock *pb, int passin_args)
{
- char *dn, *newsuperior, *newrdn, *newdn = NULL;
+ char *dn, *newrdn, *newdn = NULL;
+ const char *newsuperior;
char **rdns;
int deloldrdn;
Slapi_Backend *be = NULL;
- Slapi_DN sdn = {0};
+ Slapi_DN *origsdn = NULL;
Slapi_Mods smods;
char dnbuf[BUFSIZ];
char newrdnbuf[BUFSIZ];
@@ -443,13 +440,16 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
char *proxystr = NULL;
int proxy_err = LDAP_SUCCESS;
char *errtext = NULL;
+ Slapi_DN *sdn = NULL;
+ Slapi_DN *newsuperiorsdn = NULL;
slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET, &dn);
slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &newrdn);
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior);
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperiorsdn);
slapi_pblock_get(pb, SLAPI_MODRDN_DELOLDRDN, &deloldrdn);
slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &repl_op);
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
+ slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &origsdn);
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
/*
@@ -462,26 +462,31 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
* that we will not free these parameters... so if passin_args is
* zero, we need to make copies.
*
- * In the case of SLAPI_MODRDN_TARGET and SLAPI_MODRDN_NEWSUPERIOR, we
- * replace the existing values with normalized values (because plugins
+ * In the case of SLAPI_MODRDN_TARGET_SDN and SLAPI_MODRDN_NEWSUPERIOR_SDN,
+ * we replace the existing values with normalized values (because plugins
* expect these DNs to be normalized).
*/
- if ( passin_args ) {
- slapi_sdn_init_dn_passin(&sdn,dn); /* freed by slapi_sdn_done() */
+
+ if (NULL == origsdn) {
+ sdn = slapi_sdn_new_dn_byval(dn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_TARGET_SDN, sdn);
+ }
+ if (passin_args) {
+ if (NULL == sdn) { /* origsdn is not NULL, so use it. */
+ sdn = origsdn;
+ }
} else {
- slapi_sdn_init_dn_byref(&sdn,dn);
- }
- if ( !passin_args ) {
- newrdn = slapi_ch_strdup( newrdn );
- newsuperior = slapi_ch_strdup( newsuperior );
- }
- if ( NULL != newsuperior ) {
- slapi_dn_normalize_case( newsuperior ); /* normalize in place */
+ if (NULL == sdn) {
+ sdn = slapi_sdn_dup(origsdn);
+ }
+ newrdn = slapi_ch_strdup(newrdn);
+ newsuperiorsdn = slapi_sdn_dup(newsuperiorsdn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_TARGET_SDN, sdn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, (void *)newrdn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, newsuperiorsdn);
}
- slapi_pblock_set (pb, SLAPI_MODRDN_TARGET,
- (void*)slapi_ch_strdup(slapi_sdn_get_ndn (&sdn)));
- slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, (void *)newrdn );
- slapi_pblock_set(pb, SLAPI_MODRDN_NEWSUPERIOR, (void *)newsuperior);
+ /* normdn = slapi_sdn_get_dn(sdn); */
+ newsuperior = slapi_sdn_get_dn(newsuperiorsdn);
/* get the proxy auth dn if the proxy auth control is present */
proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext);
@@ -589,13 +594,13 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
}
/* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (pb->pb_op, &sdn);
+ operation_set_target_spec (pb->pb_op, sdn);
/*
- * Construct the new DN (code copied from backend
+ * Construct the new DN (code sdn from backend
* and modified to handle newsuperior)
*/
- newdn = slapi_moddn_get_newdn(&sdn,newrdn,newsuperior);
+ newdn = slapi_moddn_get_newdn(sdn, newrdn, newsuperior);
/*
* We could be serving multiple database backends. Select the
@@ -695,8 +700,20 @@ free_and_return_nolock:
LDAPMod **mods;
char *s;
- slapi_ch_free((void **) &newdn);
- slapi_sdn_done(&sdn);
+ if (passin_args) {
+ if (NULL == origsdn) {
+ slapi_sdn_free(&sdn);
+ }
+ } else {
+ slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &newrdn);
+ slapi_ch_free_string(&newrdn);
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperiorsdn);
+ slapi_sdn_free(&newsuperiorsdn);
+ }
+ slapi_ch_free_string(&newdn);
+
slapi_pblock_get(pb, SLAPI_ENTRY_PRE_OP, &ecopy);
slapi_entry_free(ecopy);
slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &pse);
@@ -706,13 +723,6 @@ free_and_return_nolock:
slapi_ch_free_string(&proxydn);
slapi_ch_free_string(&proxystr);
- /* retrieve these in case a pre- or post-op plugin has changed them */
- slapi_pblock_get(pb, SLAPI_MODRDN_TARGET, &s);
- slapi_ch_free((void **)&s);
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &s);
- slapi_ch_free((void **)&s);
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &s);
- slapi_ch_free((void **)&s);
slapi_pblock_get(pb, SLAPI_URP_NAMING_COLLISION_DN, &s);
slapi_ch_free((void **)&s);
}
diff --git a/ldap/servers/slapd/modutil.c b/ldap/servers/slapd/modutil.c
index 82147c6..8818817 100644
--- a/ldap/servers/slapd/modutil.c
+++ b/ldap/servers/slapd/modutil.c
@@ -201,21 +201,12 @@ slapi_mods_insert_at(Slapi_Mods *smods, LDAPMod *mod, int pos)
slapi_attr_init(&a, mod->mod_type);
/* Check if the type of the to-be-added values has DN syntax or not. */
if (slapi_attr_is_dn_syntax_attr(&a)) {
- int rc = 0;
struct berval **mbvp = NULL;
- char *normed = NULL;
- size_t len = 0;
for (mbvp = mod->mod_bvalues; mbvp && *mbvp; mbvp++) {
- rc = slapi_dn_normalize_ext((*mbvp)->bv_val, (*mbvp)->bv_len,
- &normed, &len);
- if (rc > 0) {
- slapi_ch_free((void **)&((*mbvp)->bv_val));
- } else if (rc == 0) {
- /* original is passed in; not null terminated */
- *(normed + len) = '\0';
- }
- (*mbvp)->bv_val = normed;
- (*mbvp)->bv_len = len;
+ Slapi_DN *sdn = slapi_sdn_new_dn_byref((*mbvp)->bv_val);
+ (*mbvp)->bv_val = slapi_ch_strdup(slapi_sdn_get_dn(sdn));
+ (*mbvp)->bv_len = slapi_sdn_get_ndn_len(sdn);
+ slapi_sdn_free(&sdn);
}
}
attr_done(&a);
diff --git a/ldap/servers/slapd/operation.c b/ldap/servers/slapd/operation.c
index 185723e..1479ee9 100644
--- a/ldap/servers/slapd/operation.c
+++ b/ldap/servers/slapd/operation.c
@@ -398,17 +398,17 @@ copy_mods(LDAPMod **orig_mods)
struct slapi_operation_parameters *
operation_parameters_dup(struct slapi_operation_parameters *sop)
{
- struct slapi_operation_parameters *sop_new= (struct slapi_operation_parameters *)
+ struct slapi_operation_parameters *sop_new = (struct slapi_operation_parameters *)
slapi_ch_malloc(sizeof(struct slapi_operation_parameters));
memcpy(sop_new,sop,sizeof(struct slapi_operation_parameters));
- if(sop->target_address.dn!=NULL)
- {
- sop_new->target_address.dn= slapi_ch_strdup(sop->target_address.dn);
- }
if(sop->target_address.uniqueid!=NULL)
{
sop_new->target_address.uniqueid= slapi_ch_strdup(sop->target_address.uniqueid);
}
+ if(sop->target_address.sdn != NULL)
+ {
+ sop_new->target_address.sdn = slapi_sdn_dup(sop->target_address.sdn);
+ }
sop_new->csn= csn_dup(sop->csn);
switch(sop->operation_type)
@@ -429,10 +429,10 @@ operation_parameters_dup(struct slapi_operation_parameters *sop)
{
sop_new->p.p_modrdn.modrdn_newrdn= slapi_ch_strdup(sop->p.p_modrdn.modrdn_newrdn);
}
- if(sop->p.p_modrdn.modrdn_newsuperior_address.dn!=NULL)
+ if(sop->p.p_modrdn.modrdn_newsuperior_address.sdn!=NULL)
{
- sop_new->p.p_modrdn.modrdn_newsuperior_address.dn =
- slapi_ch_strdup(sop->p.p_modrdn.modrdn_newsuperior_address.dn);
+ sop_new->p.p_modrdn.modrdn_newsuperior_address.sdn =
+ slapi_sdn_dup(sop->p.p_modrdn.modrdn_newsuperior_address.sdn);
}
if(sop->p.p_modrdn.modrdn_newsuperior_address.uniqueid!=NULL)
{
@@ -462,8 +462,9 @@ operation_parameters_done (struct slapi_operation_parameters *sop)
{
if(sop!=NULL)
{
- slapi_ch_free((void **)&sop->target_address.dn);
slapi_ch_free((void **)&sop->target_address.uniqueid);
+ slapi_sdn_free(&sop->target_address.sdn);
+
csn_free(&sop->csn);
switch(sop->operation_type)
@@ -479,7 +480,6 @@ operation_parameters_done (struct slapi_operation_parameters *sop)
break;
case SLAPI_OPERATION_MODRDN:
slapi_ch_free((void **)&(sop->p.p_modrdn.modrdn_newrdn));
- slapi_ch_free((void **)&(sop->p.p_modrdn.modrdn_newsuperior_address.dn));
slapi_ch_free((void **)&(sop->p.p_modrdn.modrdn_newsuperior_address.uniqueid));
ldap_mods_free(sop->p.p_modrdn.modrdn_mods, 1 /* Free the Array and the Elements */);
sop->p.p_modrdn.modrdn_mods= NULL;
@@ -504,8 +504,3 @@ void operation_parameters_free(struct slapi_operation_parameters **sop)
slapi_ch_free ((void**)sop);
}
}
-
-
-
-
-
diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c
index 1af97c6..f2ef9cc 100644
--- a/ldap/servers/slapd/opshared.c
+++ b/ldap/servers/slapd/opshared.c
@@ -188,7 +188,9 @@ void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods)
void
op_shared_search (Slapi_PBlock *pb, int send_result)
{
- char *base, *fstr;
+ char *base = NULL;
+ const char *normbase = NULL;
+ char *fstr;
int scope;
Slapi_Backend *be = NULL;
Slapi_Backend *be_single = NULL;
@@ -198,7 +200,8 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
char attrlistbuf[ 1024 ], *attrliststr, **attrs = NULL;
int rc = 0;
int internal_op;
- Slapi_DN sdn;
+ Slapi_DN *basesdn = NULL;
+ Slapi_DN *sdn = NULL;
Slapi_Operation *operation;
Slapi_Entry *referral = NULL;
char *proxydn = NULL;
@@ -225,14 +228,30 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
int curr_search_count = 0;
Slapi_Backend *pr_be = NULL;
void *pr_search_result = NULL;
- int pr_search_result_count = 0;
int pr_reset_processing = 0;
be_list[0] = NULL;
referral_list[0] = NULL;
/* get search parameters */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &base);
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+
+ if (NULL == sdn) {
+ sdn = slapi_sdn_new_dn_byval(base);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, sdn);
+ }
+ normbase = slapi_sdn_get_dn(sdn);
+
+ if (base && (strlen(base) > 0) && (NULL == normbase)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "SRCH", base, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL, "invalid dn", 0, NULL);
+ rc = -1;
+ goto free_and_return_nolock;
+ }
+ basesdn = slapi_sdn_dup(sdn);
+
slapi_pblock_get(pb, SLAPI_SEARCH_SCOPE, &scope);
slapi_pblock_get(pb, SLAPI_SEARCH_STRFILTER, &fstr);
slapi_pblock_get(pb, SLAPI_SEARCH_ATTRS, &attrs);
@@ -240,8 +259,6 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
flag_psearch = operation_is_flag_set(operation, OP_FLAG_PS);
- slapi_sdn_init_dn_byref(&sdn, base);
-
/* get the proxy auth dn if the proxy auth control is present */
proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext);
@@ -298,7 +315,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
slapi_log_access(LDAP_DEBUG_STATS, fmtstr,
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
- escape_string(slapi_sdn_get_dn (&sdn), ebuf),
+ escape_string(normbase, ebuf),
scope, fstr, attrliststr,
flag_psearch ? " options=persistent" : "",
proxystr ? proxystr : "");
@@ -308,7 +325,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
slapi_log_access(LDAP_DEBUG_ARGS, fmtstr,
LOG_INTERNAL_OP_CON_ID,
LOG_INTERNAL_OP_OP_ID,
- escape_string(slapi_sdn_get_dn (&sdn), ebuf),
+ escape_string(normbase, ebuf),
scope, fstr, attrliststr,
flag_psearch ? " options=persistent" : "",
proxystr ? proxystr : "");
@@ -316,7 +333,8 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
}
/* If we encountered an error parsing the proxy control, return an error
- * to the client. We do this here to ensure that we log the operation first. */
+ * to the client. We do this here to ensure that we log the operation first.
+ */
if (proxy_err != LDAP_SUCCESS)
{
rc = -1;
@@ -324,10 +342,10 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
goto free_and_return_nolock;
}
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, (void*)slapi_sdn_get_ndn (&sdn));
-
- /* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (pb->pb_op, &sdn);
+ /* target spec is used to decide which plugins are applicable for
+ * the operation. basesdn is duplicated and set to target spec.
+ */
+ operation_set_target_spec (pb->pb_op, basesdn);
/* this is time to check if mapping tree specific control
* was used to specify that we want to parse only
@@ -352,7 +370,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
else
{
/* we don't need no steenkin values */
- Slapi_Backend *searchbe = slapi_be_select( &sdn );
+ Slapi_Backend *searchbe = slapi_be_select( sdn );
if(searchbe && searchbe != defbackend_get_backend())
{
@@ -406,8 +424,6 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
operation->o_flags |= OP_FLAG_PAGED_RESULTS;
pr_be = pagedresults_get_current_be(pb->pb_conn);
pr_search_result = pagedresults_get_search_result(pb->pb_conn);
- pr_search_result_count =
- pagedresults_get_search_result_count(pb->pb_conn);
estimate =
pagedresults_get_search_result_set_size_estimate(pb->pb_conn);
if (pagedresults_get_unindexed(pb->pb_conn)) {
@@ -501,11 +517,23 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
goto free_and_return;
case -2: /* memory was allocated */
- /* take note of any changes */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
+ /* take note of any changes */
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
slapi_pblock_get(pb, SLAPI_SEARCH_SCOPE, &scope);
-
- slapi_sdn_set_dn_byref(&sdn, base);
+ if (NULL == sdn) {
+ send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,
+ "target dn is lost", 0, NULL);
+ rc = -1;
+ goto free_and_return;
+ }
+ if (slapi_sdn_compare(basesdn, sdn)) {
+ slapi_sdn_free(&basesdn);
+ basesdn = operation_get_target_spec(pb->pb_op);
+ slapi_sdn_free(&basesdn);
+ basesdn = slapi_sdn_dup(sdn);
+ operation_set_target_spec (pb->pb_op, basesdn);
+ }
+ normbase = slapi_sdn_get_dn(sdn);
break;
case -1:
@@ -551,7 +579,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
rc = -1; /* zero backends would mean failure */
while (be)
{
- const Slapi_DN * be_suffix;
+ const Slapi_DN *be_suffix;
int err = 0;
Slapi_Backend *next_be = NULL;
@@ -570,7 +598,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
* is below another backend because in that case the
* such searches should sometimes succeed
* To allow this we therefore have to change the
- * SLAPI_SEARCH_TARGET parameter in the pblock
+ * SLAPI_SEARCH_TARGET_SDN parameter in the pblock
*
* Also when we climb down the mapping tree we have to
* change ONE-LEVEL searches to BASE
@@ -636,25 +664,27 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
{
if ((be_name == NULL) && (scope == LDAP_SCOPE_ONELEVEL))
{
- /* one level searches
- * - depending on the suffix of the backend we might have to
- * do a one level search or a base search
- * - we might also have to change the search target
- */
- if (slapi_sdn_isparent(&sdn, be_suffix)
- || (slapi_sdn_get_ndn_len(&sdn) == 0))
+ /* one level searches
+ * - depending on the suffix of the backend we might have to
+ * do a one level search or a base search
+ * - we might also have to change the search target
+ */
+ if (slapi_sdn_isparent(basesdn, be_suffix) ||
+ (slapi_sdn_get_ndn_len(basesdn) == 0))
{
int tmp_scope = LDAP_SCOPE_BASE;
slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &tmp_scope);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET,
- (void *)slapi_sdn_get_ndn(be_suffix));
+
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ sdn = slapi_sdn_dup(be_suffix);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, (void *)sdn);
+ normbase = slapi_sdn_get_dn(sdn);
}
- else if (slapi_sdn_issuffix(&sdn, be_suffix))
+ else if (slapi_sdn_issuffix(basesdn, be_suffix))
{
int tmp_scope = LDAP_SCOPE_ONELEVEL;
slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &tmp_scope);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET,
- (void *)slapi_sdn_get_ndn (&sdn));
}
else
goto next_be;
@@ -662,19 +692,20 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
/* subtree searches :
* if the search was started above the backend suffix
- * - temporarily set the SLAPI_SEARCH_TARGET to the
+ * - temporarily set the SLAPI_SEARCH_TARGET_SDN to the
* base of the node so that we don't get a NO SUCH OBJECT error
* - do not change the scope
*/
if (scope == LDAP_SCOPE_SUBTREE)
{
- if (slapi_sdn_issuffix(be_suffix, &sdn))
+ if (slapi_sdn_issuffix(be_suffix, basesdn))
{
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET,
- (void *)slapi_sdn_get_ndn(be_suffix));
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ sdn = slapi_sdn_dup(be_suffix);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, (void *)sdn);
+ normbase = slapi_sdn_get_dn(sdn);
}
- else
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, (void *)slapi_sdn_get_ndn(&sdn));
}
}
@@ -886,11 +917,15 @@ free_and_return:
else if (be_single)
slapi_be_Unlock(be_single);
- free_and_return_nolock:
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, base);
+free_and_return_nolock:
slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, &rc);
index_subsys_filter_decoders_done(pb);
- slapi_sdn_done(&sdn);
+
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ slapi_sdn_free(&basesdn);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, NULL);
+
slapi_ch_free_string(&proxydn);
slapi_ch_free_string(&proxystr);
if (pr_reset_processing) {
@@ -1146,10 +1181,8 @@ iterate(Slapi_PBlock *pb, Slapi_Backend *be, int send_result,
{
Slapi_Entry *gerentry = NULL;
Slapi_Operation *operation;
- int is_paged = 0;
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
- is_paged = operation->o_flags & OP_FLAG_PAGED_RESULTS;
rc = be->be_next_search_entry(pb);
if (rc < 0)
{
diff --git a/ldap/servers/slapd/passwd_extop.c b/ldap/servers/slapd/passwd_extop.c
index c1f00d2..c77d3b7 100644
--- a/ldap/servers/slapd/passwd_extop.c
+++ b/ldap/servers/slapd/passwd_extop.c
@@ -145,7 +145,8 @@ passwd_modify_getEntry( const char *dn, Slapi_Entry **e2 ) {
/* Construct Mods pblock and perform the modify operation
* Sets result of operation in SLAPI_PLUGIN_INTOP_RESULT
*/
-static int passwd_apply_mods(Slapi_PBlock *pb_orig, const char *dn, Slapi_Mods *mods,
+static int
+passwd_apply_mods(Slapi_PBlock *pb_orig, const Slapi_DN *sdn, Slapi_Mods *mods,
LDAPControl **req_controls, LDAPControl ***resp_controls)
{
Slapi_PBlock pb;
@@ -164,7 +165,7 @@ static int passwd_apply_mods(Slapi_PBlock *pb_orig, const char *dn, Slapi_Mods *
}
pblock_init(&pb);
- slapi_modify_internal_set_pb (&pb, dn,
+ slapi_modify_internal_set_pb_ext (&pb, sdn,
slapi_mods_get_ldapmods_byref(mods),
req_controls_copy, NULL, /* UniqueID */
plugin_get_default_component_id(), /* PluginID */
@@ -195,7 +196,7 @@ static int passwd_apply_mods(Slapi_PBlock *pb_orig, const char *dn, Slapi_Mods *
if (ret != LDAP_SUCCESS){
LDAPDebug(LDAP_DEBUG_TRACE, "WARNING: passwordPolicy modify error %d on entry '%s'\n",
- ret, dn, 0);
+ ret, slapi_sdn_get_dn(sdn), 0);
}
pblock_done(&pb);
@@ -212,18 +213,17 @@ static int passwd_apply_mods(Slapi_PBlock *pb_orig, const char *dn, Slapi_Mods *
static int passwd_modify_userpassword(Slapi_PBlock *pb_orig, Slapi_Entry *targetEntry,
const char *newPasswd, LDAPControl **req_controls, LDAPControl ***resp_controls)
{
- char *dn = NULL;
int ret = 0;
Slapi_Mods smods;
LDAPDebug( LDAP_DEBUG_TRACE, "=> passwd_modify_userpassword\n", 0, 0, 0 );
slapi_mods_init (&smods, 0);
- dn = slapi_entry_get_ndn( targetEntry );
slapi_mods_add_string(&smods, LDAP_MOD_REPLACE, SLAPI_USERPWD_ATTR, newPasswd);
- ret = passwd_apply_mods(pb_orig, dn, &smods, req_controls, resp_controls);
+ ret = passwd_apply_mods(pb_orig, slapi_entry_get_sdn_const(targetEntry),
+ &smods, req_controls, resp_controls);
slapi_mods_done(&smods);
@@ -238,7 +238,6 @@ static int passwd_modify_generate_basic_passwd( int passlen, char **genpasswd )
char *data = NULL;
char *enc = NULL;
int datalen = LDAP_EXTOP_PASSMOD_RANDOM_BYTES;
- int enclen = LDAP_EXTOP_PASSMOD_GEN_PASSWD_LEN + 1;
if ( genpasswd == NULL ) {
return LDAP_OPERATIONS_ERROR;
@@ -246,7 +245,6 @@ static int passwd_modify_generate_basic_passwd( int passlen, char **genpasswd )
if ( passlen > 0 ) {
datalen = passlen * 3 / 4 + 1;
- enclen = datalen * 4; /* allocate the large enough space */
}
data = slapi_ch_calloc( datalen, 1 );
@@ -454,10 +452,10 @@ passwd_modify_extop( Slapi_PBlock *pb )
{
char *oid = NULL;
char *bindDN = NULL;
+ Slapi_DN *bindSDN = NULL;
char *authmethod = NULL;
char *rawdn = NULL;
- char *dn = NULL;
- size_t dnlen = 0;
+ const char *dn = NULL;
char *otdn = NULL;
char *oldPasswd = NULL;
char *newPasswd = NULL;
@@ -582,15 +580,13 @@ passwd_modify_extop( Slapi_PBlock *pb )
if (tag == LDAP_EXTOP_PASSMOD_TAG_USERID )
{
int rc = 0;
- if ( ber_scanf( ber, "a", &rawdn) == LBER_ERROR )
- {
- slapi_ch_free_string(&rawdn);
- LDAPDebug( LDAP_DEBUG_ANY,
- "ber_scanf failed :{\n", 0, 0, 0 );
- errMesg = "ber_scanf failed at userID parse.\n";
- rc = LDAP_PROTOCOL_ERROR;
- goto free_and_return;
- }
+ if ( ber_scanf( ber, "a", &rawdn) == LBER_ERROR ) {
+ slapi_ch_free_string(&rawdn);
+ LDAPDebug( LDAP_DEBUG_ANY, "ber_scanf failed :{\n", 0, 0, 0 );
+ errMesg = "ber_scanf failed at userID parse.\n";
+ rc = LDAP_PROTOCOL_ERROR;
+ goto free_and_return;
+ }
/* Check if we should be performing strict validation. */
if (config_get_dn_validate_strict()) {
@@ -605,50 +601,31 @@ passwd_modify_extop( Slapi_PBlock *pb )
goto free_and_return;
}
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "EXT", rawdn?rawdn:"",
- "invalid target dn");
- slapi_ch_free_string(&rawdn);
- errMesg = "invalid target dn.\n";
- rc = LDAP_INVALID_SYNTAX;
- goto free_and_return;
- } else if (rc == 0) { /* rawdn is passed in, not terminated */
- *(dn + dnlen) = '\0';
- } else {
- slapi_ch_free_string(&rawdn);
- }
- tag = ber_peek_tag( ber, &len);
+ tag = ber_peek_tag(ber, &len);
}
-
/* identify oldPasswd field by tags */
- if (tag == LDAP_EXTOP_PASSMOD_TAG_OLDPWD )
- {
- if ( ber_scanf( ber, "a", &oldPasswd ) == LBER_ERROR )
- {
- slapi_ch_free_string(&oldPasswd);
- LDAPDebug( LDAP_DEBUG_ANY,
- "ber_scanf failed :{\n", 0, 0, 0 );
- errMesg = "ber_scanf failed at oldPasswd parse.\n";
- rc = LDAP_PROTOCOL_ERROR;
- goto free_and_return;
- }
+ if (tag == LDAP_EXTOP_PASSMOD_TAG_OLDPWD ) {
+ if ( ber_scanf( ber, "a", &oldPasswd ) == LBER_ERROR ) {
+ slapi_ch_free_string(&oldPasswd);
+ LDAPDebug( LDAP_DEBUG_ANY, "ber_scanf failed :{\n", 0, 0, 0 );
+ errMesg = "ber_scanf failed at oldPasswd parse.\n";
+ rc = LDAP_PROTOCOL_ERROR;
+ goto free_and_return;
+ }
tag = ber_peek_tag( ber, &len);
}
/* identify newPasswd field by tags */
if (tag == LDAP_EXTOP_PASSMOD_TAG_NEWPWD )
{
- if ( ber_scanf( ber, "a", &newPasswd ) == LBER_ERROR )
- {
- slapi_ch_free_string(&newPasswd);
- LDAPDebug( LDAP_DEBUG_ANY,
- "ber_scanf failed :{\n", 0, 0, 0 );
- errMesg = "ber_scanf failed at newPasswd parse.\n";
- rc = LDAP_PROTOCOL_ERROR;
- goto free_and_return;
- }
+ if ( ber_scanf( ber, "a", &newPasswd ) == LBER_ERROR ) {
+ slapi_ch_free_string(&newPasswd);
+ LDAPDebug( LDAP_DEBUG_ANY, "ber_scanf failed :{\n", 0, 0, 0 );
+ errMesg = "ber_scanf failed at newPasswd parse.\n";
+ rc = LDAP_PROTOCOL_ERROR;
+ goto free_and_return;
+ }
}
parse_req_done:
@@ -659,14 +636,28 @@ parse_req_done:
/* Get Bind DN */
slapi_pblock_get( pb, SLAPI_CONN_DN, &bindDN );
+ /* If the connection is bound anonymously, we must refuse to process this operation. */
+ if (bindDN == NULL || *bindDN == '\0') {
+ /* Refuse the operation because they're bound anonymously */
+ errMesg = "Anonymous Binds are not allowed.\n";
+ rc = LDAP_INSUFFICIENT_ACCESS;
+ goto free_and_return;
+ }
+
/* Find and set the target DN. */
- if (dn && *dn != '\0') {
- target_sdn = slapi_sdn_new_dn_byref(dn);
- slapi_pblock_set(pb, SLAPI_TARGET_DN, dn);
- } else if (bindDN && *bindDN != '\0') {
- target_sdn = slapi_sdn_new_dn_byref(bindDN);
- slapi_pblock_set(pb, SLAPI_TARGET_DN, bindDN);
+ if (rawdn && *rawdn != '\0') {
+ target_sdn = slapi_sdn_new_dn_passin(rawdn);
+ } else { /* We already checked (bindDN && *bindDN != '\0') above */
+ target_sdn = bindSDN = slapi_sdn_new_normdn_byref(bindDN);
+ }
+ dn = slapi_sdn_get_ndn(target_sdn);
+ if (dn == NULL || *dn == '\0') {
+ /* Refuse the operation because they're bound anonymously */
+ errMesg = "Invalid dn.\n";
+ rc = LDAP_INVALID_DN_SYNTAX;
+ goto free_and_return;
}
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, target_sdn);
/* Check if we need to send any referrals. */
if (slapi_dn_write_needs_referral(target_sdn, &referrals)) {
@@ -674,14 +665,6 @@ parse_req_done:
goto free_and_return;
}
- /* If the connection is bound anonymously, we must refuse to process this operation. */
- if (bindDN == NULL || *bindDN == '\0') {
- /* Refuse the operation because they're bound anonymously */
- errMesg = "Anonymous Binds are not allowed.\n";
- rc = LDAP_INSUFFICIENT_ACCESS;
- goto free_and_return;
- }
-
if (oldPasswd == NULL || *oldPasswd == '\0') {
/* If user is authenticated, they already gave their password during
* the bind operation (or used sasl or client cert auth or OS creds) */
@@ -746,19 +729,7 @@ parse_req_done:
ber_free( response_ber, 1 );
}
-
- /* Determine the target DN for this operation */
- /* Did they give us a DN ? */
- if (dn == NULL || *dn == '\0') {
- /* Get the DN from the bind identity on this connection */
- slapi_ch_free_string(&dn);
- dn = slapi_ch_strdup(bindDN);
- LDAPDebug( LDAP_DEBUG_ANY,
- "Missing userIdentity in request, using the bind DN instead.\n",
- 0, 0, 0 );
- }
-
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn );
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, (void *)dn );
/* Now we have the DN, look for the entry */
ret = passwd_modify_getEntry(dn, &targetEntry);
@@ -826,7 +797,9 @@ parse_req_done:
* this here since the normal modify code doesn't perform this check for
* internal operations. */
if (!pb->pb_op->o_isroot && !pb->pb_conn->c_needpw && !pwpolicy->pw_change) {
- Slapi_DN *bindSDN = slapi_sdn_new_dn_byref(bindDN);
+ if (NULL == bindSDN) {
+ bindSDN = slapi_sdn_new_normdn_byref(bindDN);
+ }
/* Is this a user modifying their own password? */
if (slapi_sdn_compare(bindSDN, slapi_entry_get_sdn(targetEntry))==0) {
if (need_pwpolicy_ctrl) {
@@ -834,10 +807,8 @@ parse_req_done:
}
errMesg = "User is not allowed to change password\n";
rc = LDAP_UNWILLING_TO_PERFORM;
- slapi_sdn_free(&bindSDN);
goto free_and_return;
}
- slapi_sdn_free(&bindSDN);
}
/* Fetch any present request controls so we can use them when
@@ -879,8 +850,6 @@ free_and_return:
send_ldap_result( pb, rc, NULL, errMesg, 0, NULL );
}
- slapi_sdn_free(&target_sdn);
- slapi_ch_free_string(&bindDN); /* slapi_pblock_get SLAPI_CONN_DN does strdup */
slapi_ch_free_string(&oldPasswd);
slapi_ch_free_string(&newPasswd);
/* Either this is the same pointer that we allocated and set above,
@@ -888,9 +857,16 @@ free_and_return:
* value that we need to free here */
slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET, &otdn );
if (otdn != dn) {
- slapi_ch_free_string(&dn);
+ slapi_ch_free_string(&otdn);
}
- slapi_ch_free_string(&otdn);
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &target_sdn);
+ if (bindSDN != target_sdn) {
+ slapi_sdn_free(&bindSDN);
+ }
+ /* slapi_pblock_get SLAPI_CONN_DN does strdup */
+ slapi_ch_free_string(&bindDN);
+ slapi_sdn_free(&target_sdn);
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, NULL);
slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, NULL );
slapi_ch_free_string(&authmethod);
delete_passwdPolicy(&pwpolicy);
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index d068132..3dbd828 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -1121,11 +1121,31 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value )
(*(entry_address **)value) = &(pblock->pb_op->o_params.target_address);
}
break;
- /* should be normalized */
- case SLAPI_TARGET_DN:
+ case SLAPI_TARGET_DN: /* DEPRECATED */
+ /* The returned value refers SLAPI_TARGET_SDN.
+ * It should not be freed.*/
if(pblock->pb_op!=NULL)
{
- (*(char **)value) = pblock->pb_op->o_params.target_address.dn;
+ Slapi_DN *sdn = pblock->pb_op->o_params.target_address.sdn;
+ if (sdn) {
+ (*(char **)value) = (char *)slapi_sdn_get_dn(sdn);
+ } else {
+ (*(char **)value) = NULL;
+ }
+ }
+ else
+ {
+ return( -1 );
+ }
+ break;
+ case SLAPI_TARGET_SDN:
+ if(pblock->pb_op!=NULL)
+ {
+ (*(Slapi_DN **)value) = pblock->pb_op->o_params.target_address.sdn;
+ }
+ else
+ {
+ return( -1 );
}
break;
case SLAPI_ORIGINAL_TARGET_DN:
@@ -1330,11 +1350,31 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value )
(*(int *)value) = pblock->pb_op->o_params.p.p_modrdn.modrdn_deloldrdn;
}
break;
- case SLAPI_MODRDN_NEWSUPERIOR:
+ case SLAPI_MODRDN_NEWSUPERIOR: /* DEPRECATED */
if(pblock->pb_op!=NULL)
{
- (*(char **)value) =
- pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.dn;
+ Slapi_DN *sdn =
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn;
+ if (sdn) {
+ (*(char **)value) = (char *)slapi_sdn_get_dn(sdn);
+ } else {
+ (*(char **)value) = NULL;
+ }
+ }
+ else
+ {
+ return -1;
+ }
+ break;
+ case SLAPI_MODRDN_NEWSUPERIOR_SDN:
+ if(pblock->pb_op!=NULL)
+ {
+ (*(Slapi_DN **)value) =
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn;
+ }
+ else
+ {
+ return -1;
}
break;
case SLAPI_MODRDN_PARENT_ENTRY:
@@ -1725,6 +1765,18 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value )
}
break;
+ case SLAPI_REQUESTOR_NDN:
+ /* NOTE: It's not a copy of the DN */
+ if (pblock->pb_op != NULL)
+ {
+ char *ndn = (char*)slapi_sdn_get_ndn(&pblock->pb_op->o_sdn);
+ if(ndn == NULL)
+ (*( char **)value ) = "";
+ else
+ (*( char **)value ) = ndn;
+ }
+ break;
+
case SLAPI_OPERATION_AUTHTYPE:
if (pblock->pb_op != NULL)
{
@@ -2676,10 +2728,31 @@ slapi_pblock_set( Slapi_PBlock *pblock, int arg, void *value )
case SLAPI_TARGET_ADDRESS:
PR_ASSERT (PR_FALSE); /* can't do this */
break;
- case SLAPI_TARGET_DN:
+ case SLAPI_TARGET_DN: /* DEPRECATED */
+ /* slapi_pblock_set(pb, SLAPI_TARGET_DN, val) automatically
+ * replaces SLAPI_TARGET_SDN. Caller should not free the
+ * original SLAPI_TARGET_SDN, but the reset one here by getting
+ * the address using slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn). */
if(pblock->pb_op!=NULL)
{
- pblock->pb_op->o_params.target_address.dn = (char *)value;
+ Slapi_DN *sdn = pblock->pb_op->o_params.target_address.sdn;
+ slapi_sdn_free(&sdn);
+ pblock->pb_op->o_params.target_address.sdn =
+ slapi_sdn_new_dn_byval((char *)value);
+ }
+ else
+ {
+ return( -1 );
+ }
+ break;
+ case SLAPI_TARGET_SDN:
+ if(pblock->pb_op!=NULL)
+ {
+ pblock->pb_op->o_params.target_address.sdn = (Slapi_DN *)value;
+ }
+ else
+ {
+ return( -1 );
}
break;
case SLAPI_ORIGINAL_TARGET_DN:
@@ -2830,10 +2903,29 @@ slapi_pblock_set( Slapi_PBlock *pblock, int arg, void *value )
pblock->pb_op->o_params.p.p_modrdn.modrdn_deloldrdn = *((int *) value);
}
break;
- case SLAPI_MODRDN_NEWSUPERIOR:
+ case SLAPI_MODRDN_NEWSUPERIOR: /* DEPRECATED */
+ if(pblock->pb_op!=NULL)
+ {
+ Slapi_DN *sdn =
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn;
+ slapi_sdn_free(&sdn);
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn =
+ slapi_sdn_new_dn_byval((char *)value);
+ }
+ else
+ {
+ return -1;
+ }
+ break;
+ case SLAPI_MODRDN_NEWSUPERIOR_SDN:
if(pblock->pb_op!=NULL)
{
- pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.dn = (char *) value;
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn =
+ (Slapi_DN *) value;
+ }
+ else
+ {
+ return -1;
}
break;
case SLAPI_MODRDN_PARENT_ENTRY:
@@ -3456,9 +3548,7 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
if ( conn->c_dn != NULL ) {
if ( bind_target_entry == NULL )
{
- Slapi_DN *sdn;
-
- sdn = slapi_sdn_new_dn_byref( conn->c_dn ); /* set */
+ Slapi_DN *sdn = slapi_sdn_new_normdn_byref( conn->c_dn );
reslimit_update_from_dn( conn, sdn );
slapi_sdn_free( &sdn );
} else {
@@ -3466,11 +3556,9 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
}
} else {
char *anon_dn = config_get_anon_limits_dn();
- Slapi_DN *anon_sdn = NULL;
-
/* If an anonymous limits dn is set, use it to set the limits. */
if (anon_dn && (strlen(anon_dn) > 0)) {
- anon_sdn = slapi_sdn_new_dn_byref( anon_dn );
+ Slapi_DN *anon_sdn = slapi_sdn_new_normdn_byref( anon_dn );
reslimit_update_from_dn( conn, anon_sdn );
slapi_sdn_free( &anon_sdn );
}
diff --git a/ldap/servers/slapd/plugin.c b/ldap/servers/slapd/plugin.c
index 19d6d38..52b560f 100644
--- a/ldap/servers/slapd/plugin.c
+++ b/ldap/servers/slapd/plugin.c
@@ -180,6 +180,7 @@ add_plugin_entries()
slapi_add_entry_internal_set_pb(&newpb, ep->e, NULL,
ep->plugin, plugin_actions);
slapi_pblock_set(&newpb, SLAPI_TARGET_DN, (void*)slapi_entry_get_dn_const(ep->e));
+ slapi_pblock_set(&newpb, SLAPI_TARGET_SDN, (void*)slapi_entry_get_sdn_const(ep->e));
slapi_add_internal_pb(&newpb);
deleteep = ep;
ep = ep->next;
@@ -269,16 +270,13 @@ slapi_register_plugin_ext(
int ii = 0;
int rc = 0;
Slapi_Entry *e = NULL;
- char *dn = slapi_create_dn_string("cn=%s,%s", name, PLUGIN_BASE_DN);
- if (NULL == dn) {
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
- "slapi_register_plugin_ext: "
- "failed to create plugin dn (plugin name: %s)\n", name);
- return 1;
- }
+ char *dn = slapi_ch_smprintf("cn=%s,%s", name, PLUGIN_BASE_DN);
+ Slapi_DN *sdn = slapi_sdn_new_dn_passin(dn);
+
e = slapi_entry_alloc();
/* this function consumes dn */
- slapi_entry_init(e, dn, NULL);
+ slapi_entry_init_ext(e, sdn, NULL);
+ slapi_sdn_free(&sdn);
slapi_entry_attr_set_charptr(e, "cn", name);
slapi_entry_attr_set_charptr(e, ATTR_PLUGIN_TYPE, plugintype);
@@ -520,9 +518,6 @@ plugin_extended_op_oid2string( const char *oid )
}
break;
}
- if ( p->plg_exoids[i] != NULL ) {
- break;
- }
}
}
}
@@ -991,30 +986,30 @@ plugin_dependency_startall(int argc, char** argv, char *errmsg, int operation)
if(plugin_entry)
{
- /*
- * Pass the plugin DN in SLAPI_TARGET_DN and the plugin entry
- * in SLAPI_ADD_ENTRY. For this to actually work, we need to
- * create an operation and include that in the pblock as well,
- * because these two items are stored in the operation parameters.
- */
- /* WARNING: memory leak here - op is only freed by a pblock_done,
+ /*
+ * Pass the plugin DN in SLAPI_TARGET_SDN and the plugin entry
+ * in SLAPI_ADD_ENTRY. For this to actually work, we need to
+ * create an operation and include that in the pblock as well,
+ * because these two items are stored in the operation parameters.
+ */
+ /* WARNING: memory leak here - op is only freed by a pblock_done,
and this only happens below if the plugin is enabled - a short
circuit goto bail may also cause a leak - however, since this
only happens a few times at startup, this is not a very serious
leak - just after the call to plugin_call_one */
- Operation *op = internal_operation_new(SLAPI_OPERATION_ADD, 0);
- slapi_pblock_set(&(config[plugin_index].pb), SLAPI_OPERATION, op);
- slapi_pblock_set(&(config[plugin_index].pb), SLAPI_TARGET_DN,
- (void*)(slapi_entry_get_dn_const(plugin_entry)));
- slapi_pblock_set(&(config[plugin_index].pb), SLAPI_ADD_ENTRY,
- plugin_entry );
+ Operation *op = internal_operation_new(SLAPI_OPERATION_ADD, 0);
+ slapi_pblock_set(&(config[plugin_index].pb), SLAPI_OPERATION, op);
+ slapi_pblock_set(&(config[plugin_index].pb), SLAPI_TARGET_SDN,
+ (void*)(slapi_entry_get_sdn_const(plugin_entry)));
+ slapi_pblock_set(&(config[plugin_index].pb), SLAPI_ADD_ENTRY,
+ plugin_entry );
/* Pass the plugin alternate config area DN in SLAPI_PLUGIN_CONFIG_AREA. */
value = slapi_entry_attr_get_charptr(plugin_entry, ATTR_PLUGIN_CONFIG_AREA);
if(value)
{
- config[plugin_index].config_area = value;
- value = NULL;
+ config[plugin_index].config_area = value;
+ value = NULL;
slapi_pblock_set(&(config[plugin_index].pb), SLAPI_PLUGIN_CONFIG_AREA,
config[plugin_index].config_area);
}
@@ -1191,7 +1186,7 @@ plugin_dependency_startall(int argc, char** argv, char *errmsg, int operation)
newe = slapi_entry_dup( config[plugin_index].e );
slapi_add_entry_internal_set_pb(&newpb, newe, NULL,
plugin_get_default_component_id(), plugin_actions);
- slapi_pblock_set(&newpb, SLAPI_TARGET_DN, (void*)slapi_entry_get_dn_const(newe));
+ slapi_pblock_set(&newpb, SLAPI_TARGET_SDN, (void*)slapi_entry_get_sdn_const(newe));
slapi_add_internal_pb(&newpb);
pblock_done(&newpb);
config[plugin_index].entry_created = 1;
@@ -1440,17 +1435,17 @@ plugin_call_func (struct slapdplugin *list, int operation, Slapi_PBlock *pb, int
int count= 0;
for (; list != NULL; list = list->plg_next)
{
- IFP func = NULL;
+ IFP func = NULL;
- slapi_pblock_set (pb, SLAPI_PLUGIN, list);
- set_db_default_result_handlers (pb); /* JCM: What's this do? Is it needed here? */
- if (slapi_pblock_get (pb, operation, &func) == 0 && func != NULL &&
+ slapi_pblock_set (pb, SLAPI_PLUGIN, list);
+ set_db_default_result_handlers (pb); /* JCM: What's this do? Is it needed here? */
+ if (slapi_pblock_get (pb, operation, &func) == 0 && func != NULL &&
plugin_invoke_plugin_pb (list, operation, pb))
{
char *n= list->plg_name;
LDAPDebug( LDAP_DEBUG_TRACE, "Calling plugin '%s' #%d type %d\n", (n==NULL?"noname":n), count, operation );
/* counters_to_errors_log("before plugin call"); */
- if (( rc = func (pb)) != 0 )
+ if (( rc = func (pb)) != 0 )
{
if (SLAPI_PLUGIN_PREOPERATION == list->plg_type ||
SLAPI_PLUGIN_INTERNAL_PREOPERATION == list->plg_type ||
@@ -1471,16 +1466,16 @@ plugin_call_func (struct slapdplugin *list, int operation, Slapi_PBlock *pb, int
/* OR the result into the return value for be pre/postops */
return_value |= rc;
}
- }
+ }
/* counters_to_errors_log("after plugin call"); */
- }
+ }
count++;
if(call_one)
break;
- }
- return( return_value );
+ }
+ return( return_value );
}
int
@@ -1574,9 +1569,9 @@ ldapi_init_extended_ops( void )
slapi_rwlock_wrlock(extended_ops_lock);
charray_add(&supported_extended_ops,
- slapi_ch_strdup(EXTOP_BULK_IMPORT_START_OID));
+ slapi_ch_strdup(EXTOP_BULK_IMPORT_START_OID));
charray_add(&supported_extended_ops,
- slapi_ch_strdup(EXTOP_BULK_IMPORT_DONE_OID));
+ slapi_ch_strdup(EXTOP_BULK_IMPORT_DONE_OID));
/* add future supported extops here... */
slapi_rwlock_unlock(extended_ops_lock);
}
@@ -2147,7 +2142,9 @@ plugin_setup(Slapi_Entry *plugin_entry, struct slapi_componentid *group,
}
else
{
- plugin->plg_name = value; /* plugin owns value's memory now, don't free */
+ /* plg_name is normalized once here */
+ plugin->plg_name = slapi_create_rdn_value("%s", value);
+ slapi_ch_free((void**)&value);
}
if (!(value = slapi_entry_attr_get_charptr(plugin_entry, ATTR_PLUGIN_PRECEDENCE)))
@@ -2546,7 +2543,7 @@ plugin_invoke_plugin_sdn (struct slapdplugin *plugin, int operation, Slapi_PBloc
char* plugin_get_dn (const struct slapdplugin *plugin)
{
char *plugindn = NULL;
- char *pattern = "cn=%s," PLUGIN_BASE_DN;
+ char *pattern = "cn=%s," PLUGIN_BASE_DN; /* cn=plugins,cn=config */
if (plugin == NULL) /* old plugin that does not pass identity - use default */
plugin = &global_default_plg;
@@ -2554,7 +2551,8 @@ char* plugin_get_dn (const struct slapdplugin *plugin)
if (plugin->plg_name == NULL)
return NULL;
- plugindn = slapi_create_dn_string(pattern, plugin->plg_name);
+ /* plg_name is normalized in plugin_setup. So, we can use smprintf */
+ plugindn = slapi_ch_smprintf(pattern, plugin->plg_name);
if (NULL == plugindn) {
slapi_log_error(SLAPI_LOG_FATAL, NULL,
"plugin_get_dn: failed to create plugin dn "
diff --git a/ldap/servers/slapd/plugin_acl.c b/ldap/servers/slapd/plugin_acl.c
index 2dd0f71..24dcc76 100644
--- a/ldap/servers/slapd/plugin_acl.c
+++ b/ldap/servers/slapd/plugin_acl.c
@@ -138,12 +138,12 @@ plugin_call_acl_mods_update ( Slapi_PBlock *pb, int optype )
int rc = 0;
void *change = NULL;
Slapi_Entry *te = NULL;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Operation *operation;
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
- (void)slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ (void)slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
switch ( optype ) {
case SLAPI_OPERATION_MODIFY:
@@ -154,24 +154,29 @@ plugin_call_acl_mods_update ( Slapi_PBlock *pb, int optype )
te = (Slapi_Entry *)change;
if(!slapi_sdn_isempty(slapi_entry_get_sdn(te)))
{
- dn= (char*)slapi_sdn_get_ndn(slapi_entry_get_sdn(te)); /* jcm - Had to cast away const */
+ sdn = slapi_entry_get_sdn(te);
}
break;
case SLAPI_OPERATION_MODRDN:
(void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &change );
break;
- }
+ }
- slapi_sdn_init_dn_byref (&sdn, dn);
+ if (NULL == sdn) {
+ LDAPDebug0Args ( LDAP_DEBUG_ANY,
+ "plugin_call_acl_mods_update: Null target DN\n" );
+ return LDAP_INVALID_DN_SYNTAX;
+ }
+
/* call the global plugins first and then the backend specific */
+ dn = (char*)slapi_sdn_get_ndn(sdn); /* jcm - Had to cast away const */
for ( p = get_plugin_list(PLUGIN_LIST_ACL); p != NULL; p = p->plg_next ) {
- if (plugin_invoke_plugin_sdn (p, SLAPI_PLUGIN_ACL_MODS_UPDATE, pb, &sdn)){
+ if (plugin_invoke_plugin_sdn(p, SLAPI_PLUGIN_ACL_MODS_UPDATE, pb, sdn)){
rc = (*p->plg_acl_mods_update)(pb, optype, dn, change );
if ( rc != LDAP_SUCCESS ) break;
}
}
- slapi_sdn_done (&sdn);
return rc;
}
diff --git a/ldap/servers/slapd/plugin_internal_op.c b/ldap/servers/slapd/plugin_internal_op.c
index c8e6000..563bc46 100644
--- a/ldap/servers/slapd/plugin_internal_op.c
+++ b/ldap/servers/slapd/plugin_internal_op.c
@@ -282,21 +282,58 @@ int slapi_seq_internal_callback_pb (Slapi_PBlock *pb, void *callback_data, plugi
return (seq_internal_callback_pb (pb, callback_data, res_callback, srch_callback, ref_callback));
}
-void slapi_search_internal_set_pb (Slapi_PBlock *pb, const char *base, int scope, const char *filter, char **attrs,
- int attrsonly, LDAPControl **controls, const char *uniqueid,
- Slapi_ComponentId *plugin_identity, int operation_flags)
+void
+slapi_search_internal_set_pb (Slapi_PBlock *pb, const char *base,
+ int scope, const char *filter, char **attrs,
+ int attrsonly, LDAPControl **controls,
+ const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
{
Operation *op;
if (pb == NULL || base == NULL)
{
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
- "slapi_search_internal_set_pb: NULL parameter\n");
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "slapi_search_internal_set_pb: NULL parameter\n");
return;
}
- op= internal_operation_new(SLAPI_OPERATION_SEARCH,operation_flags);
+ op= internal_operation_new(SLAPI_OPERATION_SEARCH,operation_flags);
+ slapi_pblock_set(pb, SLAPI_OPERATION, op);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET_DN, (void *)base);
+ slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &scope);
+ slapi_pblock_set(pb, SLAPI_SEARCH_STRFILTER, (void*)filter);
+ slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
+ slapi_pblock_set(pb, SLAPI_SEARCH_ATTRS, attrs);
+ slapi_pblock_set(pb, SLAPI_SEARCH_ATTRSONLY, &attrsonly);
+ if (uniqueid)
+ {
+ slapi_pblock_set(pb, SLAPI_TARGET_UNIQUEID, (void*)uniqueid);
+ }
+ slapi_pblock_set(pb, SLAPI_PLUGIN_IDENTITY, (void*)plugin_identity);
+}
+
+void
+slapi_search_internal_set_pb_ext (Slapi_PBlock *pb, Slapi_DN *sdn,
+ int scope, const char *filter, char **attrs,
+ int attrsonly, LDAPControl **controls,
+ const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
+{
+ Operation *op;
+ if (pb == NULL || sdn == NULL)
+ {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "slapi_search_internal_set_pb: NULL parameter\n");
+ return;
+ }
+
+ op= internal_operation_new(SLAPI_OPERATION_SEARCH,operation_flags);
slapi_pblock_set(pb, SLAPI_OPERATION, op);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, (void*)base);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET_DN,
+ (void *)slapi_sdn_get_udn(sdn));
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, (void *)sdn);
slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &scope);
slapi_pblock_set(pb, SLAPI_SEARCH_STRFILTER, (void*)filter);
slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
@@ -323,7 +360,7 @@ void slapi_seq_internal_set_pb(Slapi_PBlock *pb, char *base, int type, char *att
op= internal_operation_new(SLAPI_OPERATION_SEARCH,operation_flags);
slapi_pblock_set(pb, SLAPI_OPERATION, op);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, base);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET_DN, (void *)base );
slapi_pblock_set(pb, SLAPI_SEQ_TYPE, &type);
slapi_pblock_set(pb, SLAPI_SEQ_ATTRNAME, attrname);
slapi_pblock_set(pb, SLAPI_SEQ_VAL, val);
@@ -343,19 +380,22 @@ static int seq_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
Operation *op;
struct callback_fn_ptrs callback_handler_data;
Slapi_Backend *be;
- Slapi_DN sdn;
char *base;
char *attrname, *val;
+ Slapi_DN *sdn = NULL;
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, (void *)&base );
slapi_pblock_get(pb, SLAPI_CONTROLS_ARG, &controls);
- if (base == NULL) {
- slapi_sdn_init_dn_byval(&sdn,"");
- } else {
- slapi_sdn_init_dn_byval(&sdn, base);
- }
- be = slapi_be_select(&sdn);
+ if (base == NULL) {
+ sdn = slapi_sdn_new_dn_byval("");
+ } else {
+ sdn = slapi_sdn_new_dn_byref(base);
+ }
+
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, sdn);
+
+ be = slapi_be_select(sdn);
callback_handler_data.p_res_callback = prc;
callback_handler_data.p_srch_entry_callback = psec;
@@ -369,8 +409,7 @@ static int seq_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
op->o_search_referral_handler = internal_ref_entry_callback;
/* set target specification of the operation used to decide which plugins are called for the operation */
- operation_set_target_spec (op, &sdn);
-
+ operation_set_target_spec (op, sdn);
/* Normalize the attribute type and value */
slapi_pblock_get (pb, SLAPI_SEQ_ATTRNAME, &attrname);
@@ -396,14 +435,16 @@ static int seq_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
}
else
{
- send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL, "Function not implemented", 0, NULL);
+ send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL, "Function not implemented", 0, NULL);
rc = 0;
}
- slapi_ch_free((void **) &attrname);
- slapi_ch_free((void **) &val);
-
- slapi_sdn_done(&sdn);
+ slapi_ch_free_string(&attrname);
+ slapi_ch_free_string(&val);
+ /* slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &normbase); */
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, NULL);
return rc;
}
@@ -675,10 +716,11 @@ static int search_internal_pb (Slapi_PBlock *pb)
return 0;
}
-static int search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
- plugin_result_callback prc,
- plugin_search_entry_callback psec,
- plugin_referral_entry_callback prec)
+static int
+search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
+ plugin_result_callback prc,
+ plugin_search_entry_callback psec,
+ plugin_referral_entry_callback prec)
{
LDAPControl **controls;
Operation *op;
@@ -689,8 +731,6 @@ static int search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
char *ifstr;
int opresult;
int rc = 0;
- char *original_base = 0;
- char *new_base = 0;
PR_ASSERT (pb);
@@ -755,12 +795,8 @@ static int search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
* memory so we need to keep track of
* changed base search strings
*/
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &original_base);
- slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET_DN, slapi_ch_strdup(original_base));
-
op_shared_search (pb, 1);
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &new_base);
slapi_pblock_get(pb, SLAPI_SEARCH_FILTER, &filter);
done:
@@ -770,24 +806,17 @@ done:
slapi_filter_free(filter, 1 /* recurse */);
}
- if(original_base != new_base)
- slapi_ch_free_string(&new_base);
-
- /* we strdup'd this above - need to free */
- slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &original_base);
- slapi_ch_free_string(&original_base);
-
return(rc);
}
/* allow/disallow operation based of the plugin configuration */
PRBool allow_operation (Slapi_PBlock *pb)
{
- char *dn = NULL;
struct slapdplugin *plugin = NULL;
+ Slapi_DN *sdnp = NULL;
Slapi_DN sdn;
PRBool allow;
- struct slapi_componentid * cid=NULL;
+ struct slapi_componentid * cid=NULL;
PR_ASSERT (pb);
@@ -805,17 +834,17 @@ PRBool allow_operation (Slapi_PBlock *pb)
return PR_FALSE;
}
- slapi_pblock_get (pb, SLAPI_TARGET_DN, &dn);
- if (dn == NULL) {
- slapi_sdn_init_dn_byval(&sdn,"");
- } else {
- slapi_sdn_init_dn_byval(&sdn, dn);
- }
+ slapi_sdn_init(&sdn);
+ slapi_pblock_get (pb, SLAPI_TARGET_SDN, &sdnp);
+ if (NULL == sdnp) {
+ slapi_sdn_init_dn_byval(&sdn,"");
+ sdnp = &sdn;
+ }
- allow = plugin_allow_internal_op (&sdn, plugin);
-
- slapi_sdn_done (&sdn);
+ allow = plugin_allow_internal_op (sdnp, plugin);
+ slapi_sdn_done(&sdn);
+
return allow;
}
diff --git a/ldap/servers/slapd/plugin_syntax.c b/ldap/servers/slapd/plugin_syntax.c
index 2e357b4..adfda4a 100644
--- a/ldap/servers/slapd/plugin_syntax.c
+++ b/ldap/servers/slapd/plugin_syntax.c
@@ -282,7 +282,7 @@ plugin_call_syntax_filter_sub_sv(
*/
int
slapi_dn_syntax_check(
- Slapi_PBlock *pb, char *dn, int override
+ Slapi_PBlock *pb, const char *dn, int override
)
{
int ret = 0;
@@ -312,7 +312,7 @@ slapi_dn_syntax_check(
if (dn_plugin && dn_plugin->plg_syntax_validate != NULL) {
/* Create a berval to pass to the validate function. */
if (dn) {
- dn_bval.bv_val = dn;
+ dn_bval.bv_val = (char *)dn;
dn_bval.bv_len = strlen(dn);
/* Validate the value. */
@@ -459,7 +459,8 @@ slapi_mods_syntax_check(
char errtext[ BUFSIZ ];
char *errp = &errtext[0];
size_t err_remaining = sizeof(errtext);
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
LDAPMod *mod = NULL;
if (mods == NULL) {
@@ -469,7 +470,8 @@ slapi_mods_syntax_check(
if (pb != NULL) {
slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation);
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ dn = slapi_sdn_get_dn(sdn);
}
/* If syntax checking and logging are off, or if this is a
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index 0ff2296..69a7554 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -862,7 +862,7 @@ void pw_add_allowchange_aci(Slapi_Entry *e, int pw_prohibit_change);
* pw_retry.c
*/
int update_pw_retry ( Slapi_PBlock *pb );
-void pw_apply_mods(const char *dn, Slapi_Mods *mods);
+void pw_apply_mods(const Slapi_DN *sdn, Slapi_Mods *mods);
void pw_set_componentID(struct slapi_componentid * cid);
struct slapi_componentid * pw_get_componentID();
diff --git a/ldap/servers/slapd/proxyauth.c b/ldap/servers/slapd/proxyauth.c
index 9dbcac8..2230a31 100644
--- a/ldap/servers/slapd/proxyauth.c
+++ b/ldap/servers/slapd/proxyauth.c
@@ -87,9 +87,7 @@ parse_LDAPProxyAuth(struct berval *spec_ber, int version, char **errtextp,
LDAPProxyAuth *spec = NULL;
BerElement *ber = NULL;
char *errstring = "unable to parse proxied authorization control";
- int rc = 0;
- char *normed = NULL;
- size_t dnlen = 0;
+ Slapi_DN *sdn = NULL;
BEGIN
ber_tag_t tag;
@@ -143,14 +141,11 @@ parse_LDAPProxyAuth(struct berval *spec_ber, int version, char **errtextp,
}
lderr = LDAP_SUCCESS; /* got it! */
- rc = slapi_dn_normalize_ext(spec->auth_dn, 0, &normed, &dnlen);
- if (rc < 0) {
+ sdn = slapi_sdn_new_dn_passin(spec->auth_dn);
+ spec->auth_dn = slapi_ch_strdup(slapi_sdn_get_ndn(sdn));
+ slapi_sdn_free(&sdn);
+ if (NULL == spec->auth_dn) {
lderr = LDAP_INVALID_SYNTAX;
- } else if (rc == 0) { /* spec->auth_dn is passed in; not terminated */
- *(normed + dnlen) = '\0';
- } else {
- slapi_ch_free_string(&spec->auth_dn);
- spec->auth_dn = normed;
}
END
diff --git a/ldap/servers/slapd/psearch.c b/ldap/servers/slapd/psearch.c
index c19d34f..9fc1172 100644
--- a/ldap/servers/slapd/psearch.c
+++ b/ldap/servers/slapd/psearch.c
@@ -291,6 +291,7 @@ ps_send_results( void *arg )
PSEQNode *peq, *peqnext;
struct slapi_filter *filter = 0;
char *base = NULL;
+ Slapi_DN *sdn = NULL;
char *fstr = NULL;
char **pbattrs = NULL;
int conn_acq_flag = 0;
@@ -392,16 +393,16 @@ ps_send_results( void *arg )
plugin_call_plugins( ps->ps_pblock , SLAPI_PLUGIN_POST_SEARCH_FN );
/* free things from the pblock that were not free'd in do_search() */
- /* Free SLAPI_SEARCH_* before deleting op since those are held by op */
- slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_TARGET, &base );
- slapi_pblock_set( ps->ps_pblock, SLAPI_SEARCH_TARGET, NULL );
- slapi_ch_free_string(&base);
-
/* we strdup'd this in search.c - need to free */
slapi_pblock_get( ps->ps_pblock, SLAPI_ORIGINAL_TARGET_DN, &base );
slapi_pblock_set( ps->ps_pblock, SLAPI_ORIGINAL_TARGET_DN, NULL );
slapi_ch_free_string(&base);
+ /* Free SLAPI_SEARCH_* before deleting op since those are held by op */
+ slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_TARGET_SDN, &sdn );
+ slapi_pblock_set( ps->ps_pblock, SLAPI_SEARCH_TARGET_SDN, NULL );
+ slapi_sdn_free(&sdn);
+
slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_STRFILTER, &fstr );
slapi_pblock_set( ps->ps_pblock, SLAPI_SEARCH_STRFILTER, NULL );
slapi_ch_free_string(&fstr);
@@ -525,8 +526,8 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
ber_int_t chgnum )
{
LDAPControl *ctrl = NULL;
- PSearch *ps = NULL;
- PSEQNode *pe = NULL;
+ PSearch *ps = NULL;
+ PSEQNode *pe = NULL;
int matched = 0;
const char *edn;
@@ -534,24 +535,24 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
return;
}
- if ( NULL == e ) {
+ if ( NULL == e ) {
/* For now, some backends such as the chaining backend do not provide a post-op entry */
return;
- }
+ }
- PSL_LOCK_READ();
+ PSL_LOCK_READ();
edn = slapi_entry_get_dn_const(e);
for ( ps = psearch_list ? psearch_list->pl_head : NULL; NULL != ps; ps = ps->ps_next ) {
- Slapi_DN base;
- Slapi_Filter *f;
- char *basedn;
- int scope;
+ char *origbase = NULL;
+ Slapi_DN *base = NULL;
+ Slapi_Filter *f;
+ int scope;
/* Skip the node that doesn't meet the changetype,
* or is unable to use the change in ps_send_results()
*/
- if (( ps->ps_changetypes & chgtype ) == 0 ||
+ if (( ps->ps_changetypes & chgtype ) == 0 ||
ps->ps_pblock->pb_op == NULL ||
slapi_op_abandoned( ps->ps_pblock ) ) {
continue;
@@ -560,14 +561,18 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
slapi_log_error(SLAPI_LOG_CONNS, "Persistent Search",
"conn=%" NSPRIu64 " op=%d entry %s with chgtype %d "
"matches the ps changetype %d\n",
- ps->ps_pblock->pb_conn->c_connid, ps->ps_pblock->pb_op->o_opid,
+ ps->ps_pblock->pb_conn->c_connid,
+ ps->ps_pblock->pb_op->o_opid,
edn, chgtype, ps->ps_changetypes);
slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_FILTER, &f );
- slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_TARGET, &basedn );
+ slapi_pblock_get( ps->ps_pblock, SLAPI_ORIGINAL_TARGET_DN, &origbase );
+ slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_TARGET_SDN, &base );
slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_SCOPE, &scope );
- slapi_sdn_init_dn_byref(&base,basedn);
-
+ if (NULL == base) {
+ base = slapi_sdn_new_dn_byref(origbase);
+ slapi_pblock_set(ps->ps_pblock, SLAPI_SEARCH_TARGET_SDN, base);
+ }
/*
* See if the entry meets the scope and filter criteria.
@@ -582,7 +587,7 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
* to the same pblock must be done carefully--there is currently no
* generic satisfactory way to do this.
*/
- if ( slapi_sdn_scope_test( slapi_entry_get_sdn_const(e), &base, scope ) &&
+ if ( slapi_sdn_scope_test( slapi_entry_get_sdn_const(e), base, scope ) &&
slapi_vattr_filter_test( ps->ps_pblock, e, f, 0 /* verify_access */ ) == 0 ) {
PSEQNode *pOldtail;
@@ -601,11 +606,11 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
eprev ? slapi_entry_get_dn_const(eprev) : NULL,
&ctrl );
if ( rc != LDAP_SUCCESS ) {
- char ebuf[ BUFSIZ ];
+ char ebuf[ BUFSIZ ];
LDAPDebug( LDAP_DEBUG_ANY, "ps_service_persistent_searches:"
- " unable to create EntryChangeNotification control for"
- " entry \"%s\" -- control won't be sent.\n",
- escape_string( slapi_entry_get_dn_const(e), ebuf), 0, 0 );
+ " unable to create EntryChangeNotification control for"
+ " entry \"%s\" -- control won't be sent.\n",
+ escape_string( slapi_entry_get_dn_const(e), ebuf), 0, 0 );
}
}
if ( ctrl ) {
@@ -618,29 +623,28 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
pOldtail = ps->ps_eq_tail;
ps->ps_eq_tail = pe;
if ( NULL == ps->ps_eq_head ) {
- ps->ps_eq_head = ps->ps_eq_tail;
+ ps->ps_eq_head = ps->ps_eq_tail;
}
else {
pOldtail->pe_next = ps->ps_eq_tail;
}
PR_Unlock( ps->ps_lock );
}
- slapi_sdn_done(&base);
}
PSL_UNLOCK_READ();
- /* Were there any matches? */
- if ( matched ) {
+ /* Were there any matches? */
+ if ( matched ) {
ldap_control_free( ctrl );
/* Turn 'em loose */
ps_wakeup_all();
LDAPDebug( LDAP_DEBUG_TRACE, "ps_service_persistent_searches: enqueued entry "
"\"%s\" on %d persistent search lists\n", slapi_entry_get_dn_const(e), matched, 0 );
- } else {
+ } else {
LDAPDebug( LDAP_DEBUG_TRACE, "ps_service_persistent_searches: entry "
"\"%s\" not enqueued on any persistent search lists\n", slapi_entry_get_dn_const(e), 0, 0 );
- }
+ }
}
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 61d01d9..8138d05 100644
--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -69,7 +69,7 @@
#define GENERALIZED_TIME_LENGTH 15
static int pw_in_history(Slapi_Value **history_vals, const Slapi_Value *pw_val);
-static int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw );
+static int update_pw_history( Slapi_PBlock *pb, const Slapi_DN *sdn, char *old_pw );
static int check_trivial_words (Slapi_PBlock *, Slapi_Entry *, Slapi_Value **,
char *attrtype, int toklen, Slapi_Mods *smods );
static int pw_boolean_str2value (const char *str);
@@ -586,8 +586,9 @@ update_pw_info ( Slapi_PBlock *pb , char *old_pw) {
Slapi_Mods smods;
char *timestr;
time_t pw_exp_date;
- time_t cur_time;
- char *dn;
+ time_t cur_time;
+ const char *dn;
+ Slapi_DN *sdn = NULL;
passwdPolicy *pwpolicy = NULL;
int internal_op = 0;
Slapi_Operation *operation = NULL;
@@ -596,13 +597,14 @@ update_pw_info ( Slapi_PBlock *pb , char *old_pw) {
internal_op = slapi_operation_is_flag_set(operation, SLAPI_OP_FLAG_INTERNAL);
cur_time = current_time();
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
pwpolicy = new_passwdPolicy(pb, dn);
/* update passwordHistory */
if ( old_pw != NULL && pwpolicy->pw_history == 1 ) {
- update_pw_history(pb, dn, old_pw);
+ update_pw_history(pb, sdn, old_pw);
slapi_ch_free ( (void**)&old_pw );
}
@@ -663,7 +665,7 @@ update_pw_info ( Slapi_PBlock *pb , char *old_pw) {
} else if (prev_exp_date == SLAPD_END_TIME) {
/* Special entries' passwords never expire */
slapi_ch_free((void**)&prev_exp_date_str);
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
delete_passwdPolicy(&pwpolicy);
return 0;
@@ -680,7 +682,7 @@ update_pw_info ( Slapi_PBlock *pb , char *old_pw) {
*/
pw_exp_date = NOT_FIRST_TIME;
} else {
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
delete_passwdPolicy(&pwpolicy);
return 0;
@@ -694,7 +696,7 @@ update_pw_info ( Slapi_PBlock *pb , char *old_pw) {
slapi_mods_add_string(&smods, LDAP_MOD_REPLACE, "passwordExpWarned", "0");
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
if (pb->pb_conn) { /* no conn for internal op */
/* reset c_needpw to 0 */
@@ -1061,9 +1063,9 @@ check_pw_syntax_ext ( Slapi_PBlock *pb, const Slapi_DN *sdn, Slapi_Value **vals,
}
-static
-int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw ) {
-
+static int
+update_pw_history( Slapi_PBlock *pb, const Slapi_DN *sdn, char *old_pw )
+{
time_t t, old_t, cur_time;
int i = 0, oldest = 0;
int res;
@@ -1076,6 +1078,7 @@ int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw ) {
char *history_str;
char *str;
passwdPolicy *pwpolicy = NULL;
+ const char *dn = slapi_sdn_get_dn(sdn);
pwpolicy = new_passwdPolicy(pb, dn);
@@ -1134,13 +1137,13 @@ int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw ) {
list_of_mods[1] = NULL;
pblock_init(&mod_pb);
- slapi_modify_internal_set_pb(&mod_pb, dn, list_of_mods, NULL, NULL,
+ slapi_modify_internal_set_pb_ext(&mod_pb, sdn, list_of_mods, NULL, NULL,
pw_get_componentID(), 0);
slapi_modify_internal_pb(&mod_pb);
slapi_pblock_get(&mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &res);
if (res != LDAP_SUCCESS){
- LDAPDebug(LDAP_DEBUG_ANY, "WARNING: passwordPolicy modify error %d on entry '%s'\n",
- res, dn, 0);
+ LDAPDebug2Args(LDAP_DEBUG_ANY,
+ "WARNING: passwordPolicy modify error %d on entry '%s'\n", res, dn);
}
pblock_done(&mod_pb);
@@ -1253,7 +1256,8 @@ slapi_add_pwd_control ( Slapi_PBlock *pb, char *arg, long time) {
}
void
-pw_mod_allowchange_aci(int pw_prohibit_change) {
+pw_mod_allowchange_aci(int pw_prohibit_change)
+{
const Slapi_DN *base;
char *values_mod[2];
LDAPMod mod;
@@ -1293,7 +1297,8 @@ pw_mod_allowchange_aci(int pw_prohibit_change) {
pblock_init (&pb);
values_mod[0] = DENY_PW_CHANGE_ACI;
values_mod[1] = NULL;
- slapi_modify_internal_set_pb(&pb, slapi_sdn_get_dn(base), mods, NULL, NULL, pw_get_componentID(), 0);
+ slapi_modify_internal_set_pb_ext(&pb, base, mods, NULL, NULL,
+ pw_get_componentID(), 0);
slapi_modify_internal_pb(&pb);
slapi_pblock_get(&pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
if (rc == LDAP_SUCCESS){
@@ -1302,7 +1307,7 @@ pw_mod_allowchange_aci(int pw_prohibit_change) {
** successfully, let's update the
** in-memory acl list
*/
- slapi_pblock_set(&pb, SLAPI_TARGET_DN, (char*)slapi_sdn_get_dn(base) ); /* jcm: cast away const */
+ slapi_pblock_set(&pb, SLAPI_TARGET_SDN, (void *)base);
plugin_call_acl_mods_update (&pb, LDAP_REQ_MODIFY );
}
pblock_done(&pb);
@@ -1320,7 +1325,7 @@ add_password_attrs( Slapi_PBlock *pb, Operation *op, Slapi_Entry *e )
struct berval *bvals[2];
Slapi_Attr **a, **next;
passwdPolicy *pwpolicy = NULL;
- char *dn = slapi_entry_get_ndn(e);
+ const char *dn = slapi_entry_get_ndn(e);
int has_allowchangetime = 0, has_expirationtime = 0;
time_t existing_exptime = 0;
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index aa76e03..8d99879 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -63,11 +63,13 @@ need_new_pw( Slapi_PBlock *pb, long *t, Slapi_Entry *e, int pwresponse_req )
char *passwordExpirationTime;
char *timestring;
char *dn;
+ const Slapi_DN *sdn;
passwdPolicy *pwpolicy = NULL;
int pwdGraceUserTime = 0;
char graceUserTime[8];
slapi_mods_init (&smods, 0);
+ sdn = slapi_entry_get_sdn_const( e );
dn = slapi_entry_get_ndn( e );
pwpolicy = new_passwdPolicy(pb, dn);
@@ -100,9 +102,9 @@ need_new_pw( Slapi_PBlock *pb, long *t, Slapi_Entry *e, int pwresponse_req )
slapi_ch_free((void **)×tring);
slapi_mods_add_string(&smods, LDAP_MOD_REPLACE, "passwordExpWarned", "0");
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
} else if (pwpolicy->pw_lockout == 1) {
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
}
slapi_mods_done(&smods);
delete_passwdPolicy(&pwpolicy);
@@ -148,7 +150,7 @@ skip:
}
slapi_add_pwd_control ( pb, LDAP_CONTROL_PWEXPIRED, 0);
}
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
delete_passwdPolicy(&pwpolicy);
return ( 0 );
@@ -171,7 +173,7 @@ skip:
sprintf ( graceUserTime, "%d", pwdGraceUserTime );
slapi_mods_add_string(&smods, LDAP_MOD_REPLACE,
"passwordGraceUserTime", graceUserTime);
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
if (pwresponse_req) {
/* check for "changeafterreset" condition */
@@ -214,7 +216,7 @@ skip:
pb->pb_op->o_opid, SLAPD_DISCONNECT_UNBIND, 0);
}
/* Apply current modifications */
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
delete_passwdPolicy(&pwpolicy);
return (-1);
@@ -261,7 +263,7 @@ skip:
*t = (long)diff_t; /* jcm: had to cast double to long */
}
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
if (pwresponse_req) {
/* check for "changeafterreset" condition */
@@ -281,7 +283,7 @@ skip:
return (2);
}
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
/* Leftover from "changeafterreset" condition */
if (pb->pb_conn->c_needpw == 1) {
diff --git a/ldap/servers/slapd/pw_retry.c b/ldap/servers/slapd/pw_retry.c
index 573046f..9c801ad 100644
--- a/ldap/servers/slapd/pw_retry.c
+++ b/ldap/servers/slapd/pw_retry.c
@@ -124,13 +124,15 @@ int update_pw_retry ( Slapi_PBlock *pb )
static
void set_retry_cnt_and_time ( Slapi_PBlock *pb, int count, time_t cur_time ) {
- char *dn;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
Slapi_Mods smods;
time_t reset_time;
char *timestr;
passwdPolicy *pwpolicy = NULL;
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
pwpolicy = new_passwdPolicy(pb, dn);
slapi_mods_init(&smods, 0);
@@ -144,7 +146,7 @@ void set_retry_cnt_and_time ( Slapi_PBlock *pb, int count, time_t cur_time ) {
set_retry_cnt_mods(pb, &smods, count);
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
delete_passwdPolicy(&pwpolicy);
}
@@ -154,10 +156,12 @@ void set_retry_cnt_mods(Slapi_PBlock *pb, Slapi_Mods *smods, int count)
char *timestr;
time_t unlock_time;
char retry_cnt[8]; /* 1-65535 */
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
passwdPolicy *pwpolicy = NULL;
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
pwpolicy = new_passwdPolicy(pb, dn);
if (smods) {
@@ -185,14 +189,15 @@ void set_retry_cnt_mods(Slapi_PBlock *pb, Slapi_Mods *smods, int count)
}
static
-void set_retry_cnt ( Slapi_PBlock *pb, int count) {
- char *dn;
+void set_retry_cnt ( Slapi_PBlock *pb, int count)
+{
+ Slapi_DN *sdn = NULL;
Slapi_Mods smods;
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
slapi_mods_init(&smods, 0);
set_retry_cnt_mods(pb, &smods, count);
- pw_apply_mods(dn, &smods);
+ pw_apply_mods(sdn, &smods);
slapi_mods_done(&smods);
}
@@ -201,12 +206,13 @@ Slapi_Entry *get_entry ( Slapi_PBlock *pb, const char *dn)
{
int search_result = 0;
Slapi_Entry *retentry = NULL;
- Slapi_DN sdn;
+ Slapi_DN *target_sdn = NULL;
+ Slapi_DN sdn;
+
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &target_sdn );
if ((dn == NULL) && pb) {
- char *t;
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &t );
- dn= t;
+ dn = slapi_sdn_get_dn(target_sdn);
}
if (dn == NULL) {
@@ -216,7 +222,14 @@ Slapi_Entry *get_entry ( Slapi_PBlock *pb, const char *dn)
slapi_sdn_init_dn_byref(&sdn, dn);
- if ((search_result = slapi_search_internal_get_entry(&sdn, NULL, &retentry, pw_get_componentID())) != LDAP_SUCCESS){
+ if (slapi_sdn_compare(&sdn, target_sdn)) { /* does not match */
+ target_sdn = &sdn;
+ }
+
+ search_result = slapi_search_internal_get_entry(target_sdn, NULL,
+ &retentry,
+ pw_get_componentID());
+ if (search_result != LDAP_SUCCESS) {
LDAPDebug (LDAP_DEBUG_TRACE, "WARNING: 'get_entry' can't find entry '%s', err %d\n", dn, search_result, 0);
}
slapi_sdn_done(&sdn);
@@ -224,7 +237,8 @@ bail:
return retentry;
}
-void pw_apply_mods(const char *dn, Slapi_Mods *mods)
+void
+pw_apply_mods(const Slapi_DN *sdn, Slapi_Mods *mods)
{
Slapi_PBlock pb;
int res;
@@ -234,7 +248,7 @@ void pw_apply_mods(const char *dn, Slapi_Mods *mods)
pblock_init(&pb);
/* We don't want to overwrite the modifiersname, etc. attributes,
* so we set a flag for this operation */
- slapi_modify_internal_set_pb (&pb, dn,
+ slapi_modify_internal_set_pb_ext (&pb, sdn,
slapi_mods_get_ldapmods_byref(mods),
NULL, /* Controls */
NULL, /* UniqueID */
@@ -244,8 +258,9 @@ void pw_apply_mods(const char *dn, Slapi_Mods *mods)
slapi_pblock_get(&pb, SLAPI_PLUGIN_INTOP_RESULT, &res);
if (res != LDAP_SUCCESS){
- LDAPDebug(LDAP_DEBUG_ANY, "WARNING: passwordPolicy modify error %d on entry '%s'\n",
- res, dn, 0);
+ LDAPDebug2Args(LDAP_DEBUG_ANY,
+ "WARNING: passwordPolicy modify error %d on entry '%s'\n",
+ res, slapi_sdn_get_dn(sdn));
}
pblock_done(&pb);
diff --git a/ldap/servers/slapd/rdn.c b/ldap/servers/slapd/rdn.c
index 48d4d9e..c9f6386 100644
--- a/ldap/servers/slapd/rdn.c
+++ b/ldap/servers/slapd/rdn.c
@@ -132,12 +132,14 @@ _slapi_rdn_init_all_dn_ext(Slapi_RDN *rdn, const Slapi_DN *sdn)
char **dns = NULL;
int rc = 1;
- if (NULL == rdn || NULL == sdn)
- {
+ if (NULL == rdn || NULL == sdn) {
return -1;
}
dn = slapi_sdn_get_dn(sdn);
+ if (NULL == dn) {
+ return -1;
+ }
for (; isspace(*dn) ; dn++) ;
/* Suffix is a part of mapping tree. We should not free it */
@@ -227,13 +229,14 @@ int
slapi_rdn_init_all_dn(Slapi_RDN *rdn, const char *dn)
{
int rc = 0; /* success */
- Slapi_DN sdn = {0};
+ Slapi_DN sdn;
if (NULL == rdn || NULL == dn)
{
return -1;
}
slapi_rdn_init(rdn);
+ slapi_sdn_init(&sdn);
slapi_sdn_set_dn_byval(&sdn, dn);
rc = _slapi_rdn_init_all_dn_ext(rdn, (const Slapi_DN *)&sdn);
slapi_sdn_done(&sdn);
@@ -670,7 +673,19 @@ slapi_rdn_get_nrdn(Slapi_RDN *srdn)
}
if (NULL == srdn->nrdn)
{
- normalize_case_helper(srdn->rdn, &srdn->nrdn);
+ if (srdn->all_nrdns && srdn->all_nrdns[0])
+ {
+ srdn->nrdn = slapi_ch_strdup(srdn->all_nrdns[0]);
+ }
+ else if (srdn->all_rdns && srdn->all_rdns[0])
+ {
+ srdn->nrdn = slapi_ch_strdup(srdn->all_rdns[0]);
+ slapi_dn_ignore_case(srdn->nrdn);
+ }
+ else
+ {
+ normalize_case_helper(srdn->rdn, &srdn->nrdn);
+ }
}
return (const char *)srdn->nrdn;
}
diff --git a/ldap/servers/slapd/referral.c b/ldap/servers/slapd/referral.c
index 458da81..b704f86 100644
--- a/ldap/servers/slapd/referral.c
+++ b/ldap/servers/slapd/referral.c
@@ -186,12 +186,13 @@ ref_adjust( Slapi_PBlock *pb, struct berval **urls, const Slapi_DN *refsdn,
int is_reference )
{
int i, len, scope;
+ Slapi_DN *sdn = NULL;
char *p, *opdn_norm;
struct berval **urlscopy;
Operation *op;
if ( NULL == urls || NULL == urls[0] ) {
- return( NULL );
+ return( NULL );
}
PR_ASSERT( pb != NULL );
@@ -200,20 +201,20 @@ ref_adjust( Slapi_PBlock *pb, struct berval **urls, const Slapi_DN *refsdn,
* grab the operation target DN and operation structure.
* if the operation is a search, get the scope as well.
*/
- if ( slapi_pblock_get( pb, SLAPI_TARGET_DN, &p ) != 0 || p == NULL ||
- slapi_pblock_get( pb, SLAPI_OPERATION, &op ) != 0 || op == NULL ||
- ( operation_get_type(op) == SLAPI_OPERATION_SEARCH && slapi_pblock_get( pb,
- SLAPI_SEARCH_SCOPE, &scope ) != 0 )) {
- LDAPDebug( LDAP_DEBUG_ANY, "ref_adjust: referrals suppressed "
- "(could not get target DN, operation, or scope from pblock)\n",
- 0, 0, 0 );
- return( NULL );
+ if ( slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn ) != 0 || sdn == NULL ||
+ slapi_pblock_get( pb, SLAPI_OPERATION, &op ) != 0 || op == NULL ||
+ ( operation_get_type(op) == SLAPI_OPERATION_SEARCH && slapi_pblock_get( pb,
+ SLAPI_SEARCH_SCOPE, &scope ) != 0 )) {
+ LDAPDebug0Args( LDAP_DEBUG_ANY, "ref_adjust: referrals suppressed "
+ "(could not get target DN, operation, "
+ "or scope from pblock)\n" );
+ return( NULL );
}
/*
* normalize the DNs we plan to compare with others later.
*/
- opdn_norm = slapi_dn_normalize( slapi_ch_strdup( p ));
+ opdn_norm = slapi_ch_strdup( slapi_sdn_get_dn(sdn) );
/*
@@ -355,7 +356,7 @@ adjust_referral_basedn( char **urlp, const Slapi_DN *refsdn,
* Prepend the portion of the operation DN that does not match
* the ref container DN to the referral baseDN.
*/
- add_len = strlen( opdn_norm ) - strlen( slapi_sdn_get_ndn(refsdn) );
+ add_len = strlen( opdn_norm ) - slapi_sdn_get_ndn_len( refsdn );
cur_len = strlen( *urlp );
/* + 7 because we keep extra space in case we add ??base */
*urlp = slapi_ch_realloc( *urlp, cur_len + add_len + 7 );
@@ -377,7 +378,7 @@ adjust_referral_basedn( char **urlp, const Slapi_DN *refsdn,
add_len = strlen(opdn_norm);
p = opdn_norm;
} else {
- add_len = strlen(slapi_sdn_get_ndn(refsdn));
+ add_len = slapi_sdn_get_ndn_len(refsdn);
p = (char *)slapi_sdn_get_ndn(refsdn);
}
diff --git a/ldap/servers/slapd/result.c b/ldap/servers/slapd/result.c
index 800fb39..a3fff38 100644
--- a/ldap/servers/slapd/result.c
+++ b/ldap/servers/slapd/result.c
@@ -289,8 +289,9 @@ send_ldap_result_ext(
int i, rc, logit = 0;
ber_tag_t tag;
int flush_ber_element = 1;
- Slapi_Operation *operation;
- char *dn;
+ Slapi_Operation *operation;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
int internal_op;
passwdPolicy *pwpolicy = NULL;
@@ -368,8 +369,9 @@ send_ldap_result_ext(
/* invalid password. Update the password retry here */
/* put this here for now. It could be a send_result pre-op plugin. */
if (err == LDAP_INVALID_CREDENTIALS) {
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
- pwpolicy = new_passwdPolicy(pb, dn);
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
+ pwpolicy = new_passwdPolicy(pb, dn);
if (pwpolicy && (pwpolicy->pw_lockout == 1)) {
update_pw_retry ( pb );
}
diff --git a/ldap/servers/slapd/saslbind.c b/ldap/servers/slapd/saslbind.c
index f9f51df..9e5bc36 100644
--- a/ldap/servers/slapd/saslbind.c
+++ b/ldap/servers/slapd/saslbind.c
@@ -783,6 +783,8 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
sasl_ssf_t *ssfp;
char *activemech = NULL, *mech = NULL;
char *username, *dn = NULL;
+ const char *normdn = NULL;
+ Slapi_DN *sdn = NULL;
const char *sdata, *errstr;
unsigned slen;
int continuing = 0;
@@ -914,7 +916,7 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
propctx = sasl_auxprop_getctx(sasl_conn);
if (prop_getnames(propctx, dn_propnames, dnval) == 1) {
if (dnval[0].values && dnval[0].values[0]) {
- dn = slapi_ch_strdup(dnval[0].values[0]);
+ dn = slapi_ch_smprintf("%s", dnval[0].values[0]);
}
}
if (dn == NULL) {
@@ -924,8 +926,15 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
break;
}
- slapi_pblock_set( pb, SLAPI_BIND_TARGET, slapi_ch_strdup( dn ) );
- /* see if we negotiated a security layer */
+ /* clean up already set TARGET */
+ slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+
+ sdn = slapi_sdn_new_dn_passin(dn);
+ normdn = slapi_sdn_get_dn(sdn);
+
+ slapi_pblock_set( pb, SLAPI_BIND_TARGET_SDN, sdn );
+
if ((sasl_getprop(sasl_conn, SASL_SSF,
(const void**)&ssfp) == SASL_OK) && (*ssfp > 0)) {
LDAPDebug(LDAP_DEBUG_TRACE, "sasl ssf=%u\n", (unsigned)*ssfp, 0, 0);
@@ -947,7 +956,9 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
/* set the connection bind credentials */
PR_snprintf(authtype, sizeof(authtype), "%s%s", SLAPD_AUTH_SASL, mech);
- bind_credentials_set_nolock(pb->pb_conn, authtype, dn,
+ /* normdn is consumed by bind_credentials_set_nolock */
+ bind_credentials_set_nolock(pb->pb_conn, authtype,
+ slapi_ch_strdup(normdn),
NULL, NULL, NULL, bind_target_entry);
PR_Unlock(pb->pb_conn->c_mutex); /* BIG LOCK */
@@ -956,12 +967,12 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
break;
}
- isroot = slapi_dn_isroot(dn);
+ isroot = slapi_dn_isroot(normdn);
if (!isroot )
{
/* check if the account is locked */
- bind_target_entry = get_entry(pb, dn);
+ bind_target_entry = get_entry(pb, normdn);
if ( bind_target_entry == NULL )
{
goto out;
@@ -975,7 +986,7 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
slapi_pblock_get(pb, SLAPI_REQCONTROLS, &ctrls);
if (slapi_control_present(ctrls, LDAP_CONTROL_AUTH_REQUEST,
NULL, NULL)) {
- slapi_add_auth_response_control(pb, dn);
+ slapi_add_auth_response_control(pb, normdn);
}
if (slapi_mapping_tree_select(pb, &be, &referral, errorbuf) != LDAP_SUCCESS) {
diff --git a/ldap/servers/slapd/search.c b/ldap/servers/slapd/search.c
index ff4de17..6da7aa0 100644
--- a/ldap/servers/slapd/search.c
+++ b/ldap/servers/slapd/search.c
@@ -79,9 +79,6 @@ do_search( Slapi_PBlock *pb )
int send_entchg_controls;
int changesonly = 0;
int rc = -1;
- char *original_base = 0;
- char *new_base = 0;
- size_t baselen = 0;
int strict = 0;
LDAPDebug( LDAP_DEBUG_TRACE, "do_search\n", 0, 0, 0 );
@@ -138,24 +135,12 @@ do_search( Slapi_PBlock *pb )
return;
}
}
- rc = slapi_dn_normalize_ext(rawbase, 0, &base, &baselen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "SRCH",
- rawbase?rawbase:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free((void **) &rawbase);
- return;
- } else if (rc > 0) { /* if rc == 0, rawbase is passed in */
- slapi_ch_free((void **) &rawbase);
- } else { /* rc == 0; rawbase is passed in; not null terminated */
- *(base + baselen) = '\0';
- }
/* If anonymous access is only allowed for searching the root DSE,
* we need to reject any other anonymous search attempts. */
- if ((slapi_sdn_get_dn(&(operation->o_sdn)) == NULL) && ((baselen != 0) || (scope != LDAP_SCOPE_BASE))
- && (config_get_anon_access_switch() == SLAPD_ANON_ACCESS_ROOTDSE)) {
+ if ((slapi_sdn_get_dn(&(operation->o_sdn)) == NULL) &&
+ (scope != LDAP_SCOPE_BASE) &&
+ (config_get_anon_access_switch() == SLAPD_ANON_ACCESS_ROOTDSE)) {
op_shared_log_error_access(pb, "SRCH", base?base:"", "anonymous search not allowed");
send_ldap_result( pb, LDAP_INAPPROPRIATE_AUTH, NULL,
@@ -178,7 +163,7 @@ do_search( Slapi_PBlock *pb )
&& scope != LDAP_SCOPE_SUBTREE ) {
log_search_access (pb, base, scope, "???", "Unknown search scope");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
- "Unknown search scope", 0, NULL );
+ "Unknown search scope", 0, NULL );
goto free_and_return;
}
/* check and record the scope for snmp */
@@ -370,8 +355,7 @@ do_search( Slapi_PBlock *pb )
}
}
- slapi_pblock_set( pb, SLAPI_SEARCH_TARGET, base );
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET_DN, slapi_ch_strdup(base) );
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET_DN, rawbase );
slapi_pblock_set( pb, SLAPI_SEARCH_SCOPE, &scope );
slapi_pblock_set( pb, SLAPI_SEARCH_DEREF, &deref );
slapi_pblock_set( pb, SLAPI_SEARCH_FILTER, filter );
@@ -383,16 +367,8 @@ do_search( Slapi_PBlock *pb )
slapi_pblock_set( pb, SLAPI_SEARCH_SIZELIMIT, &sizelimit );
slapi_pblock_set( pb, SLAPI_SEARCH_TIMELIMIT, &timelimit );
- /* plugins which play with the search may
- * change the search params may allocate
- * memory so we need to keep track of
- * changed base search strings
- */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &original_base);
-
op_shared_search (pb, psearch ? 0 : 1/* send result */);
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &new_base);
slapi_pblock_get (pb, SLAPI_PLUGIN_OPRETURN, &rc);
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter );
@@ -402,10 +378,6 @@ do_search( Slapi_PBlock *pb )
free_and_return:;
if ( !psearch || rc < 0 ) {
- if(original_base != new_base) {
- slapi_ch_free_string(&new_base);
- }
- slapi_ch_free_string(&base);
slapi_ch_free_string(&fstr);
slapi_filter_free( filter, 1 );
charray_free( attrs ); /* passing NULL is fine */
@@ -418,8 +390,8 @@ free_and_return:;
operation->o_flags &= ~OP_FLAG_PS;
}
/* we strdup'd this above - need to free */
- slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &base);
- slapi_ch_free_string(&base);
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &rawbase);
+ slapi_ch_free_string(&rawbase);
}
}
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 3a54564..acf7bbd 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -586,9 +586,10 @@ typedef int (*SyntaxEnumFunc)(char **names, Slapi_PluginDesc *plugindesc,
struct slapi_dn
{
unsigned char flag;
- const char *dn; /* DN [normalized] */
+ const char *udn; /* DN [original] */
+ const char *dn; /* Normalised DN */
const char *ndn; /* Case Normalised DN */
- int ndn_len; /* normalized dn length */
+ int ndn_len; /* normalized dn length */
};
/*
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
index c63e312..a27f8b1 100644
--- a/ldap/servers/slapd/slapi-plugin.h
+++ b/ldap/servers/slapd/slapi-plugin.h
@@ -710,13 +710,13 @@ int slapi_pblock_get( Slapi_PBlock *pb, int arg, void *value );
* <tt>char **arrays</tt>, <tt>#Slapi_Backend *</tt>, etc.), you can pass
* in the value directly. For example:
* \code
- * char *target_dn = slapi_ch_strdup(some_dn);
- * slapi_pblock_set(pb, SLAPI_TARGET_DN, target_dn);
+ * Slapi_DN *target_sdn = slapi_sdn_dup(some_sdn);
+ * slapi_pblock_set(pb, SLAPI_TARGET_SDN, target_sdn);
* \endcode
*
* \warning or
* \code
- * slapi_pblock_set(pb, SLAPI_TARGET_DN, NULL);
+ * slapi_pblock_set(pb, SLAPI_TARGET_SDN, NULL);
* \endcode
*
* \warning With some compilers, you will have to cast the value argument to
@@ -802,6 +802,7 @@ void slapi_pblock_destroy( Slapi_PBlock *pb );
* \arg #SLAPI_STR2ENTRY_NO_SCHEMA_LOCK
* \arg #SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT
* \arg #SLAPI_STR2ENTRY_NO_ENTRYDN
+ * \arg #SLAPI_STR2ENTRY_DN_NORMALIZED
*
* \return A pointer to the #Slapi_Entry structure representing the entry.
* \return \c NULL if the string cannot be converted; for example, if no DN is
@@ -923,6 +924,15 @@ Slapi_Entry *slapi_str2entry_ext( const char *dn, char *s, int flags );
#define SLAPI_STR2ENTRY_NO_ENTRYDN 1024
/**
+ * Passed DN is already normalized.
+ *
+ * If this flag is set, str2entry assumes passed DN is already normalized.
+ *
+ * \see slapi_str2entry()
+ */
+#define SLAPI_STR2ENTRY_DN_NORMALIZED 2048
+
+/**
* Generates a description of an entry as an LDIF string.
*
* This function behaves much like slapi_entry2str(); however, you can specify
@@ -1120,6 +1130,12 @@ Slapi_Entry *slapi_entry_alloc(void);
*/
void slapi_entry_init(Slapi_Entry *e, char *dn, Slapi_Attr *a);
+/*
+ * Initializes the values of an entry with the Slapi_DN and attribute value
+ * pairs you supply.
+ */
+void slapi_entry_init_ext(Slapi_Entry *e, Slapi_DN *sdn, Slapi_Attr *a);
+
/**
* Frees an entry, its DN, and its attributes from memory.
*
@@ -1290,6 +1306,23 @@ const char *slapi_entry_get_nrdn_const( const Slapi_Entry *e );
void slapi_entry_set_dn( Slapi_Entry *e, char *dn );
/**
+ * Sets the normalized distinguished name (DN) of an entry.
+ *
+ * This function sets the DN pointer in the specified entry to the DN that you supply. The DN should have been normalized.
+ *
+ * \param e Entry to which you want to assign the DN.
+ * \param dn Distinguished name you want assigned to the entry.
+ * \warning The dn will be freed eventually when slapi_entry_free() is called.
+ * \warning A copy of dn should be passed. For example:
+ *
+ * \warning The old dn will be freed as a result of this call. Do not pass in
+ * a \c NULL value.
+ * \see slapi_entry_free()
+ * \see slapi_entry_get_dn()
+ */
+void slapi_entry_set_normdn( Slapi_Entry *e, char *normdn );
+
+/**
* Sets the relative distinguished name (RDN) of an entry.
*
* This function sets the RDN pointer in the specified entry to the RDN that
@@ -1478,7 +1511,7 @@ int slapi_entry_syntax_check( Slapi_PBlock *pb, Slapi_Entry *e, int override );
* is also used to check if the #SLAPI_IS_REPLICATED_OPERATION flag is
* set. If that flag is present, no syntax checking is performed.
*/
-int slapi_dn_syntax_check( Slapi_PBlock *pb, char *dn, int override );
+int slapi_dn_syntax_check( Slapi_PBlock *pb, const char *dn, int override );
/**
* Determines if any values being added to an entry violate the syntax rules
@@ -2181,14 +2214,14 @@ Slapi_DN *slapi_sdn_new_ndn_byval(const char *ndn);
Slapi_DN *slapi_sdn_new_dn_byref(const char *dn);
/**
- * Creates a new \c Slapi_DN structure and intializes it's normalized DN to a requested value.
+ * Creates a new \c Slapi_DN structure and intializes it's normalized and case ignored DN to a requested value.
*
- * The normalized DN of the new structure will point to the same string pointed to by \c ndn.
- * The normalized DN value is passed in to the parameter by reference.
+ * The normalized and case ignored DN of the new structure will point to the same string pointed to by \c ndn.
+ * The normalized and case ignored DN value is passed in to the parameter by reference.
*
- * \param ndn The normalized DN value to be set in the new \c Slapi_DN structure.
+ * \param ndn The normalized and case ignored DN value to be set in the new \c Slapi_DN structure.
* \return A pointer to the newly allocated \c Slapi_DN structure with
- * the normalized DN value set to the content of \c ndn.
+ * the normalized and case ignored DN value set to the content of \c ndn.
* \warning The caller is still responsible for the memory used by \c ndn. This
* memory should not be freed until the returned \c Slapi_DN has been
* disposed of or reinitialized.
@@ -2220,6 +2253,60 @@ Slapi_DN *slapi_sdn_new_ndn_byref(const char *ndn);
Slapi_DN *slapi_sdn_new_dn_passin(const char *dn);
/**
+ * Creates a new \c Slapi_DN structure and intializes it's normalized DN to a requested value.
+ *
+ * The DN of the new structure will point to the same string pointed to by \c normdn.
+ * The normalized DN value is passed in to the parameter by reference.
+ *
+ * \param normdn The normalized DN value to be set in the new \c Slapi_DN structure.
+ * \return A pointer to the newly allocated \c Slapi_DN structure with
+ * the normalized DN value set to the content of \c normdn.
+ * \warning The caller is still responsible for the memory used by \c normdn.
+ * This memory should not be freed until the returned \c Slapi_DN
+ * has been disposed of or reinitialized.
+ * \see slapi_sdn_free()
+ * \see slapi_sdn_copy()
+ * \see slapi_sdn_done()
+ */
+Slapi_DN *slapi_sdn_new_normdn_byref(const char *normdn);
+
+/**
+ * Creates a new \c Slapi_DN structure and intializes it's normalized DN to a requested value.
+ *
+ * The DN of the new structure will point to the same string pointed to by \c normdn.
+ * Ownership of the memory pointed to by \c normdn is tranferred to the Slapi_DN.
+ *
+ * \param normdn The DN value to be set in the new \c Slapi_DN structure.
+ * \return A pointer to the newly allocated \c Slapi_DN structure with
+ * a DN value set to the content of \c dn.
+ * \warning The caller is no longer responsible for the memory used by \c dn.
+ * This memory should not be freed directly. It will be freed when
+ * the \c Slapi_DN is properly disposed of.
+ * \see slapi_sdn_free()
+ * \see slapi_sdn_copy()
+ * \see slapi_sdn_done()
+ */
+Slapi_DN *slapi_sdn_new_normdn_passin(const char *dn);
+
+/**
+ * Creates a new \c Slapi_DN structure and intializes it's normalized DN to a requested value.
+ *
+ * The DN of the new structure will point to the duplicated string of \c normdn.
+ * Ownership of the memory pointed to by \c normdn is tranferred to the Slapi_DN.
+ *
+ * \param normdn The copy of the DN value to be set in the new \c Slapi_DN structure.
+ * \return A pointer to the newly allocated \c Slapi_DN structure with
+ * a DN value set to the content of \c dn.
+ * \warning The caller is no longer responsible for the memory used by \c dn.
+ * This memory should not be freed directly. It will be freed when
+ * the \c Slapi_DN is properly disposed of.
+ * \see slapi_sdn_free()
+ * \see slapi_sdn_copy()
+ * \see slapi_sdn_done()
+ */
+Slapi_DN *slapi_sdn_new_normdn_byval(const char *dn);
+
+/**
* Sets a DN value in a \c Slapi_DN structure.
*
* The DN of the structure will point to a copy of the string pointed to by
@@ -2272,6 +2359,56 @@ Slapi_DN *slapi_sdn_set_dn_passin(Slapi_DN *sdn, const char *dn);
/**
* Sets a normalized DN value in a \c Slapi_DN structure.
*
+ * The DN of the structure will point to the same string pointed to by \c normdn.
+ * The normalized DN value is passed in to the parameter by reference.
+ *
+ * \param sdn The target \c Slapi_DN structure.
+ * \param normdn The normalized DN value to be set in \c sdn.
+ * \return A pointer to the \c Slapi_DN structure containing the new DN value.
+ * \warning The caller is still responsible for the memory used by \c normdn.
+ * This memory should not be freed until the returned \c Slapi_DN
+ * has been disposed of or reinitialized.
+ * \see slapi_sdn_set_dn_byref()
+ */
+Slapi_DN *slapi_sdn_set_normdn_byref(Slapi_DN *sdn, const char *normdn);
+
+/**
+ * Sets a normalized DN value in a \c Slapi_DN structure.
+ *
+ * The DN of the structure will point to the same string pointed to by \c normdn.
+ * Ownership of the memory pointed to by \c normdn is tranferred to the Slapi_DN.
+ *
+ * \param sdn The target \c Slapi_DN structure.
+ * \param normdn The normalized DN value to be set in \c sdn.
+ * \return A pointer to the \c Slapi_DN structure containing the new DN value.
+ * \warning The caller is no longer responsible for the memory used by \c normdn.
+ * This memory should not be freed directly. It will be freed when
+ * the \c Slapi_DN is properly disposed of.
+ * \see slapi_sdn_set_dn_passin()
+ */
+Slapi_DN *slapi_sdn_set_normdn_passin(Slapi_DN *sdn, const char *dn);
+
+/**
+ * Sets a normalized DN value in a \c Slapi_DN structure.
+ *
+ * The normalized DN of the structure will point to a copy of the string
+ * pointed to by \c dn. The normalized DN value is passed in to the parameter
+ * by value.
+ * Ownership of the memory pointed to by \c normdn is tranferred to the Slapi_DN.
+ *
+ * \param sdn The target \c Slapi_DN structure.
+ * \param normdn The normalized DN value to be set in \c sdn.
+ * \return A pointer to the \c Slapi_DN structure containing the new DN value.
+ * \warning The caller is no longer responsible for the memory used by \c normdn.
+ * This memory should not be freed directly. It will be freed when
+ * the \c Slapi_DN is properly disposed of.
+ * \see slapi_sdn_set_dn_passin()
+ */
+Slapi_DN *slapi_sdn_set_normdn_byval(Slapi_DN *sdn, const char *dn);
+
+/**
+ * Sets a normalized and case ignored DN value in a \c Slapi_DN structure.
+ *
* The normalized DN of the structure will point to a copy of the string
* pointed to by \c ndn. The normalized DN value is passed in to the parameter
* by value.
@@ -2325,33 +2462,52 @@ void slapi_sdn_done(Slapi_DN *sdn);
void slapi_sdn_free(Slapi_DN **sdn);
/**
- * Retrieves the DN value of a \c Slapi_DN structure.
+ * Retrieves the normalized DN value of a \c Slapi_DN structure.
+ *
+ * If the structure does not contain a normalized DN yet, it will normalize
+ * the un-normalized DN and set it in the structure.
*
* \param sdn The \c Slapi_DN strucure containing the DN value.
* \return A pointer to the DN value if one is set.
- * \return A pointer to the normalized DN value if one is set and no
+ * \return A pointer to the normalized and case ignored DN value if one is set and no
* DN value is set.
- * \return \c NULL if no DN or normalized DN value is set.
+ * \return \c NULL if no normalized DN or normalized and case ignored DN value is set.
* \warning The pointer returned is the actual value from the structure, not a copy.
* \see slapi_sdn_get_ndn()
+ * \see slapi_sdn_get_udn()
*/
const char * slapi_sdn_get_dn(const Slapi_DN *sdn);
/**
- * Retrieves the normalized DN value of a \c Slapi_DN structure.
+ * Retrieves the normalized and case ignored DN value of a \c Slapi_DN structure.
*
- * If the structure does not contain a normalized DN yet, it will normalize
- * the DN and set it in the structure.
+ * If the structure does not contain a normalized and case ignored DN yet,
+ * it will normalize and case ignore the DN and set it in the structure.
*
- * \param sdn The \c Slapi_DN strucure containing the normalized DN value.
+ * \param sdn The \c Slapi_DN strucure containing the normalized and case ignored DN value.
* \return The normalized DN value.
* \return \c NULL if no DN or normalized DN value is set.
* \warning The pointer returned is the actual value from the structure, not a copy.
* \see slapi_sdn_get_dn()
+ * \see slapi_sdn_get_udn()
*/
const char * slapi_sdn_get_ndn(const Slapi_DN *sdn);
/**
+ * Retrieves the un-normalized DN value of a \c Slapi_DN structure.
+ *
+ * \param sdn The \c Slapi_DN strucure containing the DN value.
+ * \return A pointer to the DN value if one is set.
+ * \return A pointer to the normalized DN value if one is set and no
+ * DN value is set.
+ * \return \c NULL if no DN or normalized DN value is set.
+ * \warning The pointer returned is the actual value from the structure, not a copy.
+ * \see slapi_sdn_get_dn()
+ * \see slapi_sdn_get_ndn()
+ */
+const char * slapi_sdn_get_udn(const Slapi_DN *sdn);
+
+/**
* Fills in an existing \c Slapi_DN structure with the parent DN of the passed in \c Slapi_DN.
*
* \param sdn Pointer to the \c Slapi_DN structure containing the DN whose parent is desired.
@@ -2555,7 +2711,7 @@ Slapi_DN *slapi_sdn_set_parent(Slapi_DN *sdn, const Slapi_DN *parentdn);
* in \c newrdn in front of the content of this parameter.
* \return The new DN for the entry whose previous DN was \c dn_olddn.
*/
-char * slapi_moddn_get_newdn(Slapi_DN *dn_olddn, char *newrdn, char *newsuperiordn);
+char * slapi_moddn_get_newdn(Slapi_DN *dn_olddn, const char *newrdn, const char *newsuperiordn);
Slapi_DN *slapi_sdn_add_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn);
@@ -3167,6 +3323,16 @@ char *slapi_create_dn_string(const char *fmt, ...);
char *slapi_create_dn_string_case(const char *fmt, ...);
/**
+ * Generates a valid value of RDN string
+ *
+ * \param fmt The format used to generate a value of RDN string.
+ * \param ... The arguments to generate an RDN string.
+ * \return A pointer to the generated RDN value.
+ * \return NULL if failed.
+ */
+char *slapi_create_rdn_value(const char *fmt, ...);
+
+/**
* Converts a DN to lowercase.
*
* \param dn The DN to convert.
@@ -5092,6 +5258,10 @@ void slapi_search_internal_set_pb(Slapi_PBlock *pb, const char *base,
int scope, const char *filter, char **attrs, int attrsonly,
LDAPControl **controls, const char *uniqueid,
Slapi_ComponentId *plugin_identity, int operation_flags);
+void slapi_search_internal_set_pb_ext(Slapi_PBlock *pb, Slapi_DN *sdn,
+ int scope, const char *filter, char **attrs, int attrsonly,
+ LDAPControl **controls, const char *uniqueid,
+ Slapi_ComponentId *plugin_identity, int operation_flags);
void slapi_add_entry_internal_set_pb(Slapi_PBlock *pb, Slapi_Entry *e,
LDAPControl **controls, Slapi_ComponentId *plugin_identity,
int operation_flags);
@@ -5101,10 +5271,28 @@ int slapi_add_internal_set_pb(Slapi_PBlock *pb, const char *dn,
void slapi_modify_internal_set_pb(Slapi_PBlock *pb, const char *dn,
LDAPMod **mods, LDAPControl **controls, const char *uniqueid,
Slapi_ComponentId *plugin_identity, int operation_flags);
-void slapi_rename_internal_set_pb(Slapi_PBlock *pb, const char *olddn,
- const char *newrdn, const char *newsuperior, int deloldrdn,
+void slapi_modify_internal_set_pb_ext(Slapi_PBlock *pb, const Slapi_DN *sdn,
+ LDAPMod **mods, LDAPControl **controls, const char *uniqueid,
+ Slapi_ComponentId *plugin_identity, int operation_flags);
+/**
+ * Set \c Slapi_PBlock to perform modrdn/rename internally
+ *
+ * \param pblock - Slapi_PBlock to be set
+ * \param olddn - original dn to be renamed; it should have been normalized
+ * \param newrdn - new leaf rdn if any; it should have been normalized
+ * \param newsuperior - new parent dn if any; it should have been normalized
+ * \param deloldrdn \c 0 - keep original rdn \c non-zero - delete original rdn
+ * \param controls
+ * \param uniqueid
+ * \param plugin_identity
+ * \param operation_flags
+ */
+void slapi_rename_internal_set_pb_ext(Slapi_PBlock *pb,
+ const Slapi_DN *olddn, const char *newrdn,
+ const Slapi_DN *newsuperior, int deloldrdn,
LDAPControl **controls, const char *uniqueid,
Slapi_ComponentId *plugin_identity, int operation_flags);
+
void slapi_delete_internal_set_pb(Slapi_PBlock *pb, const char *dn,
LDAPControl **controls, const char *uniqueid,
Slapi_ComponentId *plugin_identity, int operation_flags);
@@ -5811,6 +5999,7 @@ time_t slapi_current_time( void );
/* operation */
#define SLAPI_OPINITIATED_TIME 140
#define SLAPI_REQUESTOR_DN 141
+#define SLAPI_REQUESTOR_NDN 156
#define SLAPI_OPERATION_PARAMETERS 138
#define SLAPI_OPERATION_TYPE 590
#define SLAPI_OPERATION_AUTHTYPE 741
@@ -6084,7 +6273,10 @@ typedef struct slapi_plugindesc {
/* arguments that are common to all operation */
#define SLAPI_TARGET_ADDRESS 48 /* target address (dn + uniqueid) should be normalized */
#define SLAPI_TARGET_UNIQUEID 49 /* target uniqueid of the operation */
-#define SLAPI_TARGET_DN 50 /* target dn of the operation should be normalized */
+#define SLAPI_TARGET_DN 50 /* DEPRECATED. target dn of the operation.
+ It actually points DN in SLAPI_TARGET_SDN. */
+#define SLAPI_TARGET_SDN 47 /* target sdn of the operation */
+
#define SLAPI_REQCONTROLS 51 /* request controls */
/* Copies of entry before and after add, mod, mod[r]dn operations */
@@ -6122,7 +6314,8 @@ typedef struct slapi_plugindesc {
#define SLAPI_DESTROY_CONTENT 59
/* add arguments */
-#define SLAPI_ADD_TARGET SLAPI_TARGET_DN
+#define SLAPI_ADD_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_ADD_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_ADD_ENTRY 60
#define SLAPI_ADD_EXISTING_DN_ENTRY 61
#define SLAPI_ADD_PARENT_ENTRY 62
@@ -6130,7 +6323,8 @@ typedef struct slapi_plugindesc {
#define SLAPI_ADD_EXISTING_UNIQUEID_ENTRY 64
/* bind arguments */
-#define SLAPI_BIND_TARGET SLAPI_TARGET_DN
+#define SLAPI_BIND_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_BIND_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_BIND_METHOD 70
#define SLAPI_BIND_CREDENTIALS 71 /* v3 only */
#define SLAPI_BIND_SASLMECHANISM 72 /* v3 only */
@@ -6138,27 +6332,32 @@ typedef struct slapi_plugindesc {
#define SLAPI_BIND_RET_SASLCREDS 73 /* v3 only */
/* compare arguments */
-#define SLAPI_COMPARE_TARGET SLAPI_TARGET_DN
+#define SLAPI_COMPARE_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_COMPARE_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_COMPARE_TYPE 80
#define SLAPI_COMPARE_VALUE 81
/* delete arguments */
-#define SLAPI_DELETE_TARGET SLAPI_TARGET_DN
+#define SLAPI_DELETE_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_DELETE_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_DELETE_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY
#define SLAPI_DELETE_GLUE_PARENT_ENTRY SLAPI_ADD_PARENT_ENTRY
#define SLAPI_DELETE_BEPREOP_ENTRY SLAPI_ENTRY_PRE_OP
#define SLAPI_DELETE_BEPOSTOP_ENTRY SLAPI_ENTRY_POST_OP
/* modify arguments */
-#define SLAPI_MODIFY_TARGET SLAPI_TARGET_DN
+#define SLAPI_MODIFY_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_MODIFY_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_MODIFY_MODS 90
#define SLAPI_MODIFY_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY
/* modrdn arguments */
-#define SLAPI_MODRDN_TARGET SLAPI_TARGET_DN
+#define SLAPI_MODRDN_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_MODRDN_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_MODRDN_NEWRDN 100
#define SLAPI_MODRDN_DELOLDRDN 101
#define SLAPI_MODRDN_NEWSUPERIOR 102 /* v3 only */
+#define SLAPI_MODRDN_NEWSUPERIOR_SDN 103 /* v3 only */
#define SLAPI_MODRDN_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY
#define SLAPI_MODRDN_PARENT_ENTRY 104
#define SLAPI_MODRDN_NEWPARENT_ENTRY 105
@@ -6173,7 +6372,8 @@ typedef struct slapi_plugindesc {
#define SLAPI_ORIGINAL_TARGET SLAPI_ORIGINAL_TARGET_DN
/* search arguments */
-#define SLAPI_SEARCH_TARGET SLAPI_TARGET_DN
+#define SLAPI_SEARCH_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_SEARCH_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_SEARCH_SCOPE 110
#define SLAPI_SEARCH_DEREF 111
#define SLAPI_SEARCH_SIZELIMIT 112
diff --git a/ldap/servers/slapd/slapi-private.h b/ldap/servers/slapd/slapi-private.h
index bedc9f5..2b717a0 100644
--- a/ldap/servers/slapd/slapi-private.h
+++ b/ldap/servers/slapd/slapi-private.h
@@ -376,7 +376,9 @@ Slapi_DN *slapi_sdn_init_dn_byval(Slapi_DN *sdn,const char *dn);
Slapi_DN *slapi_sdn_init_dn_passin(Slapi_DN *sdn,const char *dn);
Slapi_DN *slapi_sdn_init_ndn_byref(Slapi_DN *sdn,const char *dn);
Slapi_DN *slapi_sdn_init_ndn_byval(Slapi_DN *sdn,const char *dn);
-Slapi_DN *slapi_sdn_init_dn_ndn_byref(Slapi_DN *sdn,const char *dn);
+Slapi_DN *slapi_sdn_init_normdn_byref(Slapi_DN *sdn, const char *dn);
+Slapi_DN *slapi_sdn_init_normdn_ndn_passin(Slapi_DN *sdn, const char *dn);
+Slapi_DN *slapi_sdn_init_normdn_passin(Slapi_DN *sdn, const char *dn);
char *slapi_dn_normalize_original( char *dn );
char *slapi_dn_normalize_case_original( char *dn );
@@ -520,10 +522,10 @@ int test_presence_filter( Slapi_PBlock *pb, Slapi_Entry *e, char *type,
/* this structure allows to address entry by dn or uniqueid */
typedef struct entry_address
{
- char *dn;
char *udn; /* unnormalized dn */
char *uniqueid;
-}entry_address;
+ Slapi_DN *sdn;
+} entry_address;
/*
* LDAP Operation input parameters.
@@ -671,6 +673,7 @@ void slapi_send_ldap_result_from_pb( Slapi_PBlock *pb);
typedef struct mt_node mapping_tree_node;
mapping_tree_node *slapi_get_mapping_tree_node_by_dn(const Slapi_DN *dn);
char* slapi_get_mapping_tree_node_configdn(const Slapi_DN *root);
+Slapi_DN* slapi_get_mapping_tree_node_configsdn(const Slapi_DN *root);
const Slapi_DN* slapi_get_mapping_tree_node_root(const mapping_tree_node *node);
const char* slapi_get_mapping_tree_config_root ();
Slapi_Backend *slapi_mapping_tree_find_backend_for_sdn(Slapi_DN *sdn);
@@ -812,7 +815,7 @@ char ** cool_charray_dup( char **a );
void cool_charray_free( char **array );
void charray_subtract( char **a, char **b, char ***c );
int charray_get_index(char **array, char *s);
-
+int charray_normdn_add(char ***chararray, char *dn, char *errstr);
/******************************************************************************
* value array routines.
diff --git a/ldap/servers/slapd/task.c b/ldap/servers/slapd/task.c
index 999d004..6d60775 100644
--- a/ldap/servers/slapd/task.c
+++ b/ldap/servers/slapd/task.c
@@ -779,13 +779,25 @@ static int task_import_add(Slapi_PBlock *pb, Slapi_Entry *e,
if (slapi_entry_attr_find(e, "nsIncludeSuffix", &attr) == 0) {
for (idx = slapi_attr_first_value(attr, &val);
idx >= 0; idx = slapi_attr_next_value(attr, idx, &val)) {
- charray_add(&include, slapi_ch_strdup(slapi_value_get_string(val)));
+ rv = charray_normdn_add(&include,
+ (char *)slapi_value_get_string(val),
+ "nsIncludeSuffix");
+ if (0 != rv) {
+ *returncode = LDAP_PARAM_ERROR;
+ return SLAPI_DSE_CALLBACK_ERROR;
+ }
}
}
if (slapi_entry_attr_find(e, "nsExcludeSuffix", &attr) == 0) {
for (idx = slapi_attr_first_value(attr, &val);
idx >= 0; idx = slapi_attr_next_value(attr, idx, &val)) {
- charray_add(&exclude, slapi_ch_strdup(slapi_value_get_string(val)));
+ rv = charray_normdn_add(&exclude,
+ (char *)slapi_value_get_string(val),
+ "nsExcludeSuffix");
+ if (0 != rv) {
+ *returncode = LDAP_PARAM_ERROR;
+ return SLAPI_DSE_CALLBACK_ERROR;
+ }
}
}
@@ -1090,13 +1102,25 @@ static int task_export_add(Slapi_PBlock *pb, Slapi_Entry *e,
if (slapi_entry_attr_find(e, "nsIncludeSuffix", &attr) == 0) {
for (idx = slapi_attr_first_value(attr, &val);
idx >= 0; idx = slapi_attr_next_value(attr, idx, &val)) {
- charray_add(&include, slapi_ch_strdup(slapi_value_get_string(val)));
+ rv = charray_normdn_add(&include,
+ (char *)slapi_value_get_string(val),
+ "nsIncludeSuffix");
+ if (0 != rv) {
+ *returncode = LDAP_PARAM_ERROR;
+ goto out;
+ }
}
}
if (slapi_entry_attr_find(e, "nsExcludeSuffix", &attr) == 0) {
for (idx = slapi_attr_first_value(attr, &val);
idx >= 0; idx = slapi_attr_next_value(attr, idx, &val)) {
- charray_add(&exclude, slapi_ch_strdup(slapi_value_get_string(val)));
+ rv = charray_normdn_add(&exclude,
+ (char *)slapi_value_get_string(val),
+ "nsExcludeSuffix");
+ if (0 != rv) {
+ *returncode = LDAP_PARAM_ERROR;
+ goto out;
+ }
}
}
diff --git a/ldap/servers/slapd/tools/ldclt/ldapfct.c b/ldap/servers/slapd/tools/ldclt/ldapfct.c
index 23d0a04..4d58d88 100644
--- a/ldap/servers/slapd/tools/ldclt/ldapfct.c
+++ b/ldap/servers/slapd/tools/ldclt/ldapfct.c
@@ -1764,10 +1764,7 @@ error:
}
done:
- /*
- * Normal end
- */
- return (0);
+ return rc;
}
diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c
index 5cb2711..b91ec12 100644
--- a/ldap/servers/slapd/util.c
+++ b/ldap/servers/slapd/util.c
@@ -439,24 +439,18 @@ normalize_mods2bvals(const LDAPMod **mods)
mbvp && *mbvp; mbvp++, normmbvp++)
{
if (is_dn_syntax) {
- int rc = 0;
- char *normed = NULL;
- size_t dnlen = 0;
-
- rc = slapi_dn_normalize_ext((*mbvp)->bv_val,
- (*mbvp)->bv_len,
- &normed, &dnlen);
- if (rc < 0) { /* normalization failed; use the original */
- *normmbvp = ber_bvdup(*mbvp);
- } else if (rc == 0) { /* if rc == 0, value is passed in */
- *(normed + dnlen) = '\0';
- *normmbvp = ber_bvdup(*mbvp);
- } else {
+ Slapi_DN *sdn = slapi_sdn_new_dn_byref((*mbvp)->bv_val);
+ if (slapi_sdn_get_dn(sdn)) {
*normmbvp =
(struct berval *)slapi_ch_malloc(sizeof(struct berval));
- (*normmbvp)->bv_val = normed;
- (*normmbvp)->bv_len = dnlen;
+ (*normmbvp)->bv_val =
+ slapi_ch_strdup(slapi_sdn_get_dn(sdn));
+ (*normmbvp)->bv_len = slapi_sdn_get_ndn_len(sdn);
+ } else {
+ /* normalization failed; use the original */
+ *normmbvp = ber_bvdup(*mbvp);
}
+ slapi_sdn_free(&sdn);
} else {
*normmbvp = ber_bvdup(*mbvp);
}
@@ -474,26 +468,21 @@ normalize_mods2bvals(const LDAPMod **mods)
vlen = strlen(*mvp);
if (is_dn_syntax) {
- int rc = 0;
- char *normed = NULL;
- size_t dnlen = 0;
- rc = slapi_dn_normalize_ext(*mvp, vlen,
- &normed, &dnlen);
- if (rc < 0) { /* normalization failed; use the original */
+ Slapi_DN *sdn = slapi_sdn_new_dn_byref(*mvp);
+ if (slapi_sdn_get_dn(sdn)) {
+ *normmbvp =
+ (struct berval *)slapi_ch_malloc(sizeof(struct berval));
+ (*normmbvp)->bv_val =
+ slapi_ch_strdup(slapi_sdn_get_dn(sdn));
+ (*normmbvp)->bv_len = slapi_sdn_get_ndn_len(sdn);
+ } else {
+ /* normalization failed; use the original */
(*normmbvp)->bv_val = slapi_ch_malloc(vlen + 1);
memcpy((*normmbvp)->bv_val, *mvp, vlen);
(*normmbvp)->bv_val[vlen] = '\0';
(*normmbvp)->bv_len = vlen;
- } else if (rc == 0) { /* if rc == 0, value is passed in */
- *(normed + dnlen) = '\0';
- (*normmbvp)->bv_val = slapi_ch_strdup(normed);
- (*normmbvp)->bv_len = dnlen;
- } else {
- *normmbvp =
- (struct berval *)slapi_ch_malloc(sizeof(struct berval));
- (*normmbvp)->bv_val = normed;
- (*normmbvp)->bv_len = dnlen;
}
+ slapi_sdn_free(&sdn);
} else {
(*normmbvp)->bv_val = slapi_ch_malloc(vlen + 1);
memcpy((*normmbvp)->bv_val, *mvp, vlen);
diff --git a/ldap/servers/slapd/uuid.c b/ldap/servers/slapd/uuid.c
index 4a3ec8e..03244de 100644
--- a/ldap/servers/slapd/uuid.c
+++ b/ldap/servers/slapd/uuid.c
@@ -655,14 +655,13 @@ static int add_state_entry ()
struct berval val;
Slapi_Entry *e;
Slapi_PBlock *pb = NULL;
- const char *dn = slapi_sdn_get_ndn (_state.configDN);
int rt;
vals[0] = &val;
vals[1] = NULL;
e = slapi_entry_alloc();
- slapi_entry_set_dn(e, slapi_ch_strdup(dn));
+ slapi_entry_set_sdn(e, _state.configDN);
/* Set the objectclass attribute */
val.bv_val = "top";
diff --git a/ldap/servers/slapd/value.c b/ldap/servers/slapd/value.c
index 1faf31a..2817eaf 100644
--- a/ldap/servers/slapd/value.c
+++ b/ldap/servers/slapd/value.c
@@ -313,7 +313,7 @@ slapi_value_set( Slapi_Value *value, void *val, unsigned long len)
{
struct berval bv;
bv.bv_len= len;
- bv.bv_val= (void*)val; /* We cast away the const, but we're not going to change anything */
+ bv.bv_val= val; /* We cast away the const, but we're not going to change anything */
slapi_value_set_berval( value, &bv);
return value;
}
@@ -570,26 +570,21 @@ value_dump( const Slapi_Value *value, const char *text)
int
value_normalize_value(Slapi_Value *value)
{
- char *normval = NULL;
- size_t len = 0;
+ Slapi_DN *sdn = NULL;
int rc = 0;
if (NULL == value) {
- return 0;
+ return rc;
}
- rc = slapi_dn_normalize_ext(value->bv.bv_val, value->bv.bv_len,
- &normval, &len);
- if (rc < 0) {
- return 1;
- } else if (rc > 0) { /* if rc == 0, the original value is passed in */
- slapi_ch_free_string(&value->bv.bv_val);
- } else { /* rc == 0; original is passed in; not null terminated */
- /* since bvalue, no need to terminate with null, tho */
- *(normval + len) = '\0';
+ sdn = slapi_sdn_new_dn_passin(value->bv.bv_val);
+ if (slapi_sdn_get_dn(sdn)) {
+ value->bv.bv_val = slapi_ch_strdup(slapi_sdn_get_dn(sdn));
+ value->bv.bv_len = slapi_sdn_get_ndn_len(sdn);
+ } else {
+ rc = 1;
}
- value->bv.bv_val = normval;
- value->bv.bv_len = len;
+ slapi_sdn_free(&sdn);
- return 0;
+ return rc;
}
diff --git a/lib/libaccess/lasdns.cpp b/lib/libaccess/lasdns.cpp
index a81f680..6956878 100644
--- a/lib/libaccess/lasdns.cpp
+++ b/lib/libaccess/lasdns.cpp
@@ -151,6 +151,7 @@ LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int ali
#else
PRHostEnt *he, host;
#endif
+ char *end_attr_pattern;
if (attr_pattern == NULL) {
nserrGenerate(errp, ACLERRINVAL, ACLERR4770, ACL_Program, 1,
@@ -172,6 +173,7 @@ LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int ali
return LAS_EVAL_INVALID;
}
+ end_attr_pattern = attr_pattern + strlen(attr_pattern);
do {
size_t maxsize = sizeof(token);
/* Get a single hostname from the pattern string */
@@ -183,8 +185,10 @@ LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int ali
token[delimiter] = '\0';
/* Skip any white space after the token */
- attr_pattern += delimiter;
- attr_pattern += strspn(attr_pattern, ", \t");
+ attr_pattern += delimiter;
+ if (attr_pattern < end_attr_pattern) {
+ attr_pattern += strspn(attr_pattern, ", \t");
+ }
/* If there's a wildcard, strip it off but leave the "."
* Can't have aliases for a wildcard pattern.
12 years, 6 months
ldap/servers
by Noriko Hosoi
ldap/servers/plugins/acl/acl.c | 4 +-
ldap/servers/slapd/add.c | 17 --------
ldap/servers/slapd/attrsyntax.c | 36 ++++++++++++++++++
ldap/servers/slapd/back-ldbm/id2entry.c | 15 -------
ldap/servers/slapd/back-ldbm/init.c | 57 ++++-------------------------
ldap/servers/slapd/entry.c | 61 +++++++++++++++++++++++---------
ldap/servers/slapd/modify.c | 35 ------------------
ldap/servers/slapd/pw_mgmt.c | 4 ++
ldap/servers/slapd/slap.h | 2 +
ldap/servers/slapd/slapi-plugin.h | 1
ldap/servers/slapd/slapi-private.h | 2 +
11 files changed, 101 insertions(+), 133 deletions(-)
New commits:
commit c06a8faa9140668836dcf02722908319ec2e6e1e
Author: Noriko Hosoi <nhosoi(a)jiji.usersys.redhat.com>
Date: Tue Oct 18 14:16:44 2011 -0700
Keep unhashed password psuedo-attribute in the adding entry
Description:
unhashed password pseudo-attribute is necessary for plugins that
handle passwords. The plugin could be any one including pre/post-
plugin and be-txn-pre/post-plugin. On the other hand, the pseudo-
attribute should not be in the database.
This patch declares the unhashed password pseudo-attribute as an
operational attribute and allows the pseudo-attribute in an entry
in the memory. When creating a flat entry by entry2str_ function
to store in the database, it omits the pseudo-attribute.
Reviewed by rmeggins(a)redhat.com and nkinder(a)redhat.com (Thank you!!)
diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c
index 2794694..657c5ec 100644
--- a/ldap/servers/plugins/acl/acl.c
+++ b/ldap/servers/plugins/acl/acl.c
@@ -1386,7 +1386,9 @@ acl_check_mods(
}
if (lastmod &&
(strcmp (mod->mod_type, "modifiersname")== 0 ||
- strcmp (mod->mod_type, "modifytimestamp")== 0)) {
+ strcmp (mod->mod_type, "modifytimestamp")== 0 ||
+ strcmp (mod->mod_type, PSEUDO_ATTR_UNHASHEDUSERPASSWORD)== 0)
+ ) {
continue;
}
diff --git a/ldap/servers/slapd/add.c b/ldap/servers/slapd/add.c
index 0bf6ef0..19a7690 100644
--- a/ldap/servers/slapd/add.c
+++ b/ldap/servers/slapd/add.c
@@ -668,15 +668,6 @@ static void op_shared_add (Slapi_PBlock *pb)
slapi_pblock_set(pb, SLAPI_PLUGIN, be->be_database);
set_db_default_result_handlers(pb);
-
- /* Remove the unhashed password pseudo-attribute
- from the entry before duplicating the entry */
-
- if (unhashed_password_vals)
- {
- slapi_entry_delete_values(e, pwdtype, NULL);
- }
-
/* because be_add frees the entry */
ec = slapi_entry_dup(e);
add_target_dn= slapi_ch_strdup(slapi_sdn_get_ndn(slapi_entry_get_sdn_const(ec)));
@@ -722,14 +713,6 @@ static void op_shared_add (Slapi_PBlock *pb)
send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,
"Function not implemented", 0, NULL);
}
-
- /* Reattach the unhashed password pseudo-attribute
- to the entry copy (ec), before calling the postop plugin */
- if(unhashed_password_vals)
- {
- slapi_entry_add_values_sv(ec, pwdtype, unhashed_password_vals);
- }
-
slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, &rc);
plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_POST_ADD_FN :
SLAPI_PLUGIN_POST_ADD_FN);
diff --git a/ldap/servers/slapd/attrsyntax.c b/ldap/servers/slapd/attrsyntax.c
index dac3cc1..62dfea1 100644
--- a/ldap/servers/slapd/attrsyntax.c
+++ b/ldap/servers/slapd/attrsyntax.c
@@ -1074,3 +1074,39 @@ slapi_attr_syntax_exists(const char *attr_name)
{
return attr_syntax_exists(attr_name);
}
+
+/*
+ * Add an attribute syntax using some default flags, etc.
+ * Returns an LDAP error code (LDAP_SUCCESS if all goes well)
+ */
+int
+slapi_add_internal_attr_syntax( const char *name, const char *oid,
+ const char *syntax, const char *mr_equality, unsigned long extraflags )
+{
+ int rc = LDAP_SUCCESS;
+ struct asyntaxinfo *asip;
+ char *names[2];
+ char *origins[2];
+ unsigned long std_flags = SLAPI_ATTR_FLAG_STD_ATTR | SLAPI_ATTR_FLAG_OPATTR;
+
+ names[0] = (char *)name;
+ names[1] = NULL;
+
+ origins[0] = SLAPD_VERSION_STR;
+ origins[1] = NULL;
+
+ rc = attr_syntax_create( oid, names, 1,
+ "internal server defined attribute type",
+ NULL, /* superior */
+ mr_equality, NULL, NULL, /* matching rules */
+ origins, syntax,
+ SLAPI_SYNTAXLENGTH_NONE,
+ std_flags | extraflags,
+ &asip );
+
+ if ( rc == LDAP_SUCCESS ) {
+ rc = attr_syntax_add( asip );
+ }
+
+ return rc;
+}
diff --git a/ldap/servers/slapd/back-ldbm/id2entry.c b/ldap/servers/slapd/back-ldbm/id2entry.c
index 432f80a..12e2951 100644
--- a/ldap/servers/slapd/back-ldbm/id2entry.c
+++ b/ldap/servers/slapd/back-ldbm/id2entry.c
@@ -46,10 +46,6 @@
#define ID2ENTRY "id2entry"
-static char *protected_attrs_all [] = {PSEUDO_ATTR_UNHASHEDUSERPASSWORD,
- LDBM_ENTRYDN_STR,
- NULL};
-
/*
* The caller MUST check for DB_LOCK_DEADLOCK and DB_RUNRECOVERY returned
*/
@@ -64,7 +60,6 @@ id2entry_add_ext( backend *be, struct backentry *e, back_txn *txn, int encrypt
int len, rc;
char temp_id[sizeof(ID)];
struct backentry *encrypted_entry = NULL;
- char **paap = NULL;
char *entrydn = NULL;
LDAPDebug( LDAP_DEBUG_TRACE, "=> id2entry_add( %lu, \"%s\" )\n",
@@ -125,16 +120,6 @@ id2entry_add_ext( backend *be, struct backentry *e, back_txn *txn, int encrypt
LDAPDebug2Args( LDAP_DEBUG_TRACE,
"=> id2entry_add (dncache) ( %lu, \"%s\" )\n",
(u_long)e->ep_id, slapi_entry_get_dn_const(entry_to_use) );
- /*
- * If protected attributes exist in the entry,
- * we have to remove them before writing the entry to the database.
- */
- for (paap = protected_attrs_all; paap && *paap; paap++) {
- if (0 == slapi_entry_attr_find(entry_to_use, *paap, &eattr)) {
- /* a protected attr exists in the entry. removed it. */
- slapi_entry_delete_values(entry_to_use, *paap, NULL);
- }
- }
}
data.dptr = slapi_entry2str_with_options(entry_to_use, &len, options);
data.dsize = len + 1;
diff --git a/ldap/servers/slapd/back-ldbm/init.c b/ldap/servers/slapd/back-ldbm/init.c
index b41faba..6859b29 100644
--- a/ldap/servers/slapd/back-ldbm/init.c
+++ b/ldap/servers/slapd/back-ldbm/init.c
@@ -51,9 +51,6 @@ static void *IDL_api[3];
static Slapi_PluginDesc pdesc = { "ldbm-backend", VENDOR,
DS_PACKAGE_VERSION, "high-performance LDAP backend database plugin" };
-static int add_ldbm_internal_attr_syntax( const char *name, const char *oid,
- const char *syntax, const char *mr_equality, unsigned long extraflags );
-
#ifdef _WIN32
int *module_ldap_debug = 0;
@@ -69,21 +66,21 @@ int
ldbm_back_add_schema( Slapi_PBlock *pb )
{
int rc = 0;
- rc = add_ldbm_internal_attr_syntax( LDBM_ENTRYDN_STR,
+ rc = slapi_add_internal_attr_syntax( LDBM_ENTRYDN_STR,
LDBM_ENTRYDN_OID, DN_SYNTAX_OID, DNMATCH_NAME,
- SLAPI_ATTR_FLAG_SINGLE );
+ SLAPI_ATTR_FLAG_SINGLE|SLAPI_ATTR_FLAG_NOUSERMOD );
- rc |= add_ldbm_internal_attr_syntax( "dncomp",
+ rc |= slapi_add_internal_attr_syntax( "dncomp",
LDBM_DNCOMP_OID, DN_SYNTAX_OID, DNMATCH_NAME,
- 0 );
+ SLAPI_ATTR_FLAG_NOUSERMOD );
- rc |= add_ldbm_internal_attr_syntax( LDBM_PARENTID_STR,
+ rc |= slapi_add_internal_attr_syntax( LDBM_PARENTID_STR,
LDBM_PARENTID_OID, DIRSTRING_SYNTAX_OID, CASEIGNOREMATCH_NAME,
- SLAPI_ATTR_FLAG_SINGLE );
+ SLAPI_ATTR_FLAG_SINGLE|SLAPI_ATTR_FLAG_NOUSERMOD );
- rc |= add_ldbm_internal_attr_syntax( "entryid",
+ rc |= slapi_add_internal_attr_syntax( "entryid",
LDBM_ENTRYID_OID, DIRSTRING_SYNTAX_OID, CASEIGNOREMATCH_NAME,
- SLAPI_ATTR_FLAG_SINGLE );
+ SLAPI_ATTR_FLAG_SINGLE|SLAPI_ATTR_FLAG_NOUSERMOD );
return rc;
}
@@ -280,41 +277,3 @@ fail:
slapi_pblock_set( pb, SLAPI_PLUGIN_PRIVATE, NULL );
return( -1 );
}
-
-
-/*
- * Add an attribute syntax using some default flags, etc.
- * Returns an LDAP error code (LDAP_SUCCESS if all goes well)
- */
-static int
-add_ldbm_internal_attr_syntax( const char *name, const char *oid,
- const char *syntax, const char *mr_equality, unsigned long extraflags )
-{
- int rc = LDAP_SUCCESS;
- struct asyntaxinfo *asip;
- char *names[2];
- char *origins[2];
- unsigned long std_flags = SLAPI_ATTR_FLAG_STD_ATTR | SLAPI_ATTR_FLAG_OPATTR
- | SLAPI_ATTR_FLAG_NOUSERMOD;
-
- names[0] = (char *)name;
- names[1] = NULL;
-
- origins[0] = SLAPD_VERSION_STR;
- origins[1] = NULL;
-
- rc = attr_syntax_create( oid, names, 1,
- "internal server defined attribute type",
- NULL, /* superior */
- mr_equality, NULL, NULL, /* matching rules */
- origins, syntax,
- SLAPI_SYNTAXLENGTH_NONE,
- std_flags | extraflags,
- &asip );
-
- if ( rc == LDAP_SUCCESS ) {
- rc = attr_syntax_add( asip );
- }
-
- return rc;
-}
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index 9e0f0fb..8a91e39 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -63,6 +63,13 @@
/* a helper function to set special rdn to a tombstone entry */
static int _entry_set_tombstone_rdn(Slapi_Entry *e, const char *normdn);
+static int is_type_protected(const char *type);
+
+/* protected attributes which are not included in the flattened entry,
+ * which will be stored in the db. */
+static char *protected_attrs_all [] = {PSEUDO_ATTR_UNHASHEDUSERPASSWORD,
+ SLAPI_ATTR_ENTRYDN,
+ NULL};
/*
* An attribute name is of the form 'basename[;option]'.
@@ -1431,27 +1438,34 @@ slapi_str2entry_ext( const char *dn, char *s, int flags )
return e;
}
+/*
+ * If the attribute type is in the protected list, it returns size 0.
+ */
static size_t
-entry2str_internal_size_value( const char *attrtype, const Slapi_Value *v, int entry2str_ctrl, int attribute_state, int value_state )
-{
- size_t elen= 0;
- if(attrtype!=NULL)
+entry2str_internal_size_value( const char *attrtype, const Slapi_Value *v,
+ int entry2str_ctrl, int attribute_state,
+ int value_state )
+{
+ size_t elen = 0;
+ size_t attrtypelen;
+ if((NULL == attrtype) || is_type_protected(attrtype)) {
+ goto bail;
+ }
+ attrtypelen = strlen(attrtype);
+ if(entry2str_ctrl & SLAPI_DUMP_STATEINFO)
{
- size_t attrtypelen= strlen(attrtype);
- if(entry2str_ctrl & SLAPI_DUMP_STATEINFO)
+ attrtypelen+= csnset_string_size(v->v_csnset);
+ if (attribute_state==ATTRIBUTE_DELETED)
{
- attrtypelen+= csnset_string_size(v->v_csnset);
- if (attribute_state==ATTRIBUTE_DELETED)
- {
- attrtypelen += DELETED_ATTR_STRSIZE;
- }
- if(value_state==VALUE_DELETED)
- {
- attrtypelen += DELETED_VALUE_STRSIZE;
- }
+ attrtypelen += DELETED_ATTR_STRSIZE;
+ }
+ if(value_state==VALUE_DELETED)
+ {
+ attrtypelen += DELETED_VALUE_STRSIZE;
}
- elen = LDIF_SIZE_NEEDED(attrtypelen, slapi_value_get_berval(v)->bv_len);
}
+ elen = LDIF_SIZE_NEEDED(attrtypelen, slapi_value_get_berval(v)->bv_len);
+bail:
return elen;
}
@@ -1599,6 +1613,18 @@ entry2str_internal_put_valueset( const char *attrtype, const CSN *attrcsn, CSNTy
}
}
+static int
+is_type_protected(const char *type)
+{
+ char **paap = NULL;
+ for (paap = protected_attrs_all; paap && *paap; paap++) {
+ if (0 == strcasecmp(type, *paap)) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
static void
entry2str_internal_put_attrlist( const Slapi_Attr *attrlist, int attr_state, int entry2str_ctrl, char **ecur, char **typebuf, size_t *typebuf_len)
{
@@ -1614,7 +1640,8 @@ entry2str_internal_put_attrlist( const Slapi_Attr *attrlist, int attr_state, int
/* don't dump uniqueid if not asked */
if (!(strcasecmp(a->a_type, SLAPI_ATTR_UNIQUEID) == 0 &&
- !(SLAPI_DUMP_UNIQUEID & entry2str_ctrl)))
+ !(SLAPI_DUMP_UNIQUEID & entry2str_ctrl)) &&
+ !is_type_protected(a->a_type))
{
/* Putting present attribute values */
/* put "<type>:[:] <value>" line for each value */
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 219ac72..e240237 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -870,19 +870,6 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
slapi_pblock_set(pb, SLAPI_PLUGIN, be->be_database);
set_db_default_result_handlers(pb);
-
- /* Remove the unhashed password pseudo-attribute prior */
- /* to db access */
- slapi_mods_init_passin (&smods, mods);
- if (!unhashed_pw_attr) {
- unhashed_pw_attr = slapi_attr_syntax_normalize(PSEUDO_ATTR_UNHASHEDUSERPASSWORD);
- }
- if (slapi_mods_get_num_mods(&smods)) {
- remove_mod (&smods, unhashed_pw_attr, &unhashed_pw_smod);
- slapi_pblock_set (pb, SLAPI_MODIFY_MODS,
- (void*)slapi_mods_get_ldapmods_passout (&smods));
- }
-
if (be->be_modify != NULL)
{
if ((rc = (*be->be_modify)(pb)) == 0)
@@ -920,27 +907,6 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,
"Function not implemented", 0, NULL);
}
- /* Add the pseudo-attribute prior to calling the postop plugins */
- if (pw_change)
- {
- LDAPMod *lc_mod = NULL;
-
- slapi_pblock_get (pb, SLAPI_MODIFY_MODS, &mods);
- slapi_mods_init_passin (&smods, mods);
- for ( lc_mod = slapi_mods_get_first_mod(&unhashed_pw_smod); lc_mod;
- lc_mod = slapi_mods_get_next_mod(&unhashed_pw_smod) )
- {
- Slapi_Mod lc_smod;
- slapi_mod_init_byval(&lc_smod, lc_mod); /* copies lc_mod */
- /* this extracts the copy of lc_mod and finalizes lc_smod too */
- slapi_mods_add_ldapmod(&smods,
- slapi_mod_get_ldapmod_passout(&lc_smod));
- }
- slapi_pblock_set (pb, SLAPI_MODIFY_MODS,
- (void*)slapi_mods_get_ldapmods_passout (&smods));
- }
- slapi_mods_done(&unhashed_pw_smod); /* can finalize now */
-
slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, &rc);
plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_POST_MODIFY_FN :
@@ -973,6 +939,7 @@ free_and_return:
slapi_be_Unlock(be);
slapi_sdn_done(&sdn);
+ slapi_mods_done(&unhashed_pw_smod); /* can finalize now */
if (unhashed_pw_attr)
slapi_ch_free ((void**)&unhashed_pw_attr);
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index 7aca148..aa76e03 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -301,6 +301,10 @@ pw_init ( void ) {
slapdFrontendConfig = getFrontendConfig();
pw_mod_allowchange_aci (!slapdFrontendConfig->pw_policy.pw_change &&
!slapdFrontendConfig->pw_policy.pw_must_change);
+
+ slapi_add_internal_attr_syntax( PSEUDO_ATTR_UNHASHEDUSERPASSWORD,
+ PSEUDO_ATTR_UNHASHEDUSERPASSWORD_OID,
+ OCTETSTRING_SYNTAX_OID, 0, 0 );
}
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 98ba79c..3a54564 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -2291,6 +2291,8 @@ extern char *attr_dataversion;
#define MTN_CONTROL_USE_ONE_BACKEND_OID "2.16.840.1.113730.3.4.14"
#define MTN_CONTROL_USE_ONE_BACKEND_EXT_OID "2.16.840.1.113730.3.4.20"
+#define PSEUDO_ATTR_UNHASHEDUSERPASSWORD_OID "2.16.840.1.113730.3.1.2110"
+
/* virtualListViewError is a relatively new concept that was added long
* after we implemented VLV. Until added to LDAP SDK, we define
* virtualListViewError here. Once it's added, this define would go away. */
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
index 862a23b..c63e312 100644
--- a/ldap/servers/slapd/slapi-plugin.h
+++ b/ldap/servers/slapd/slapi-plugin.h
@@ -374,6 +374,7 @@ NSPR_API(PRUint32) PR_fprintf(struct PRFileDesc* fd, const char *fmt, ...)
#define SLAPI_ATTR_NSCP_ENTRYDN "nscpEntryDN"
#define SLAPI_ATTR_ENTRYUSN "entryusn"
#define SLAPI_ATTR_ENTRYUSN_PREV "preventryusn"
+#define SLAPI_ATTR_ENTRYDN "entrydn"
/* opaque structures */
diff --git a/ldap/servers/slapd/slapi-private.h b/ldap/servers/slapd/slapi-private.h
index 6f1e2ca..bedc9f5 100644
--- a/ldap/servers/slapd/slapi-private.h
+++ b/ldap/servers/slapd/slapi-private.h
@@ -1235,6 +1235,8 @@ int plugin_enabled(const char *plugin_name, void *identity);
*/
int is_slapd_running();
+/* attrsyntax.c */
+int slapi_add_internal_attr_syntax( const char *name, const char *oid, const char *syntax, const char *mr_equality, unsigned long extraflags );
#ifdef __cplusplus
}
12 years, 6 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/cache.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
New commits:
commit bede5727775b3a9d470acc5941b2d6eca80bb79c
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Oct 10 15:19:46 2011 -0700
Bug 744945 - nsslapd-counters attribute value cannot be set to "off"
https://bugzilla.redhat.com/show_bug.cgi?id=744945
Description: nsslapd-counters (cn=config) is allowed to have the
value "off". Once it's set, cache monitor would not be available.
. when staring the server, following message is logged.
cache_init: slapi counter is not available.
. ldapsearch cache statistics under cn=monitor,cn=<BACKEND>,cn=ldbm
database, cn=plugins,cn=config shows 0's:
entrycachehits: 0
entrycachetries: 0
entrycachehitratio: 0
diff --git a/ldap/servers/slapd/back-ldbm/cache.c b/ldap/servers/slapd/back-ldbm/cache.c
index ff9921a..3d09bb3 100644
--- a/ldap/servers/slapd/back-ldbm/cache.c
+++ b/ldap/servers/slapd/back-ldbm/cache.c
@@ -536,7 +536,9 @@ int cache_init(struct cache *cache, size_t maxsize, long maxentries, int type)
} else {
LDAPDebug0Args(LDAP_DEBUG_ANY,
"cache_init: slapi counter is not available.\n");
- return 0;
+ cache->c_cursize = NULL;
+ cache->c_hits = NULL;
+ cache->c_tries = NULL;
}
cache->c_lruhead = cache->c_lrutail = NULL;
cache_make_hashes(cache, type);
12 years, 6 months
ldap/servers
by Nathan Kinder
ldap/servers/slapd/back-ldbm/idl_new.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
New commits:
commit ef04fbc92b0ce819bfeb1a7671f573996c72b5ba
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Mon Oct 10 15:02:45 2011 -0700
Bug 744946 - (cov#11046) NULL dereference in IDL code
There is a chance of a NULL dereference of the idl pointer in idl_new_fetch()
that was reported by a Coverity scan. We should check if idl is NULL before
dereferencing it.
diff --git a/ldap/servers/slapd/back-ldbm/idl_new.c b/ldap/servers/slapd/back-ldbm/idl_new.c
index aa69960..4667c87 100644
--- a/ldap/servers/slapd/back-ldbm/idl_new.c
+++ b/ldap/servers/slapd/back-ldbm/idl_new.c
@@ -272,8 +272,8 @@ IDList * idl_new_fetch(
LDAPDebug(LDAP_DEBUG_TRACE, "bulk fetch buffer nids=%d\n", count, 0, 0);
#if defined(DB_ALLIDS_ON_READ)
/* enforce the allids read limit */
- if (NEW_IDL_NO_ALLID != *flag_err &&
- NULL != a && idl_new_exceeds_allidslimit(count, a, allidslimit)) {
+ if ((NEW_IDL_NO_ALLID != *flag_err) && (NULL != a) &&
+ (idl != NULL) && idl_new_exceeds_allidslimit(count, a, allidslimit)) {
idl->b_nids = 1;
idl->b_ids[0] = ALLID;
ret = DB_NOTFOUND; /* fool the code below into thinking that we finished the dups */
@@ -301,7 +301,7 @@ IDList * idl_new_fetch(
}
#if defined(DB_ALLIDS_ON_READ)
/* enforce the allids read limit */
- if (idl_new_exceeds_allidslimit(count, a, allidslimit)) {
+ if ((idl != NULL) && idl_new_exceeds_allidslimit(count, a, allidslimit)) {
idl->b_nids = 1;
idl->b_ids[0] = ALLID;
ret = DB_NOTFOUND; /* fool the code below into thinking that we finished the dups */
12 years, 6 months
2 commits - ldap/servers
by Richard Allen Megginson
ldap/servers/plugins/referint/referint.c | 62 +++++++++++++++++++++----------
1 file changed, 42 insertions(+), 20 deletions(-)
New commits:
commit 8d3b9218d0f1bcb2aa46311436538ed415d82560
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Oct 10 09:59:22 2011 -0600
Use new PLUGIN_CONFIG_ENTRY feature to allow switching between txn and regular
Use new PLUGIN_CONFIG_ENTRY feature to allow switching between txn and regular
Setting the referint plugin type to "betxnpostoperation" will make
referint be a betxn postoperation plugin.
Reviewed by: nkinder (Thanks!)
diff --git a/ldap/servers/plugins/referint/referint.c b/ldap/servers/plugins/referint/referint.c
index 86f1372..8b3ac75 100644
--- a/ldap/servers/plugins/referint/referint.c
+++ b/ldap/servers/plugins/referint/referint.c
@@ -109,6 +109,10 @@ void plugin_init_debug_level(int *level_ptr)
int
referint_postop_init( Slapi_PBlock *pb )
{
+ Slapi_Entry *plugin_entry = NULL;
+ char *plugin_type = NULL;
+ int delfn = SLAPI_PLUGIN_POST_DELETE_FN;
+ int mdnfn = SLAPI_PLUGIN_POST_MODRDN_FN;
/*
* Get plugin identity and stored it for later use
@@ -118,13 +122,23 @@ referint_postop_init( Slapi_PBlock *pb )
slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &referint_plugin_identity);
PR_ASSERT (referint_plugin_identity);
+ /* get args */
+ if ((slapi_pblock_get(pb, SLAPI_PLUGIN_CONFIG_ENTRY, &plugin_entry) == 0) &&
+ plugin_entry &&
+ (plugin_type = slapi_entry_attr_get_charptr(plugin_entry, "nsslapd-plugintype")) &&
+ plugin_type && strstr(plugin_type, "betxn")) {
+ delfn = SLAPI_PLUGIN_BE_TXN_POST_DELETE_FN;
+ mdnfn = SLAPI_PLUGIN_BE_TXN_POST_MODRDN_FN;
+ }
+ slapi_ch_free_string(&plugin_type);
+
if ( slapi_pblock_set( pb, SLAPI_PLUGIN_VERSION,
SLAPI_PLUGIN_VERSION_01 ) != 0 ||
slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION,
(void *)&pdesc ) != 0 ||
- slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_DELETE_FN,
+ slapi_pblock_set( pb, delfn,
(void *) referint_postop_del ) != 0 ||
- slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_MODRDN_FN,
+ slapi_pblock_set( pb, mdnfn,
(void *) referint_postop_modrdn ) != 0 ||
slapi_pblock_set(pb, SLAPI_PLUGIN_START_FN,
(void *) referint_postop_start ) != 0 ||
commit d316a6717b18cba9826639d82116baa967734f35
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Sep 15 14:46:34 2011 -0600
Change referential integrity to be a betxnpostoperation plugin
This changes referential integrity to be a betxnpostoperation plugin
Note: this doesn't include the dse.ldif changes, so that will have to be
done manually
Reviewed by: nkinder (Thanks!)
diff --git a/ldap/servers/plugins/referint/referint.c b/ldap/servers/plugins/referint/referint.c
index e22a018..86f1372 100644
--- a/ldap/servers/plugins/referint/referint.c
+++ b/ldap/servers/plugins/referint/referint.c
@@ -77,7 +77,7 @@ int referint_postop_del( Slapi_PBlock *pb );
int referint_postop_modrdn( Slapi_PBlock *pb );
int referint_postop_start( Slapi_PBlock *pb);
int referint_postop_close( Slapi_PBlock *pb);
-int update_integrity(char **argv, char *origDN, char *newrDN, char *newsuperior, int logChanges);
+int update_integrity(char **argv, char *origDN, char *newrDN, char *newsuperior, int logChanges, void *txn);
void referint_thread_func(void *arg);
int GetNextLine(char *dest, int size_dest, PRFileDesc *stream);
void writeintegritylog(char *logfilename, char *dn, char *newrdn, char *newsuperior);
@@ -122,9 +122,9 @@ referint_postop_init( Slapi_PBlock *pb )
SLAPI_PLUGIN_VERSION_01 ) != 0 ||
slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION,
(void *)&pdesc ) != 0 ||
- slapi_pblock_set( pb, SLAPI_PLUGIN_POST_DELETE_FN,
+ slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_DELETE_FN,
(void *) referint_postop_del ) != 0 ||
- slapi_pblock_set( pb, SLAPI_PLUGIN_POST_MODRDN_FN,
+ slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_MODRDN_FN,
(void *) referint_postop_modrdn ) != 0 ||
slapi_pblock_set(pb, SLAPI_PLUGIN_START_FN,
(void *) referint_postop_start ) != 0 ||
@@ -151,10 +151,12 @@ referint_postop_del( Slapi_PBlock *pb )
int delay;
int logChanges=0;
int isrepop = 0;
+ void *txn = NULL;
if ( slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &isrepop ) != 0 ||
slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn ) != 0 ||
- slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0)
+ slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0 ||
+ slapi_pblock_get(pb, SLAPI_TXN, &txn) != 0)
{
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"referint_postop_del: could not get parameters\n" );
@@ -199,7 +201,7 @@ referint_postop_del( Slapi_PBlock *pb )
}else if(delay == 0){
/* no delay */
/* call function to update references to entry */
- rc = update_integrity(argv, dn, NULL, NULL, logChanges);
+ rc = update_integrity(argv, dn, NULL, NULL, logChanges, txn);
}else{
/* write the entry to integrity log */
writeintegritylog(argv[1],dn, NULL, NULL);
@@ -228,12 +230,14 @@ referint_postop_modrdn( Slapi_PBlock *pb )
int delay;
int logChanges=0;
int isrepop = 0;
+ void *txn = NULL;
if ( slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &isrepop ) != 0 ||
slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &dn ) != 0 ||
slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn ) != 0 ||
slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior ) != 0 ||
- slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0 ){
+ slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0 ||
+ slapi_pblock_get(pb, SLAPI_TXN, &txn) != 0) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"referint_postop_modrdn: could not get parameters\n" );
@@ -282,7 +286,7 @@ referint_postop_modrdn( Slapi_PBlock *pb )
}else if(delay == 0){
/* no delay */
/* call function to update references to entry */
- rc = update_integrity(argv, dn, newrdn, newsuperior, logChanges);
+ rc = update_integrity(argv, dn, newrdn, newsuperior, logChanges, txn);
}else{
/* write the entry to integrity log */
writeintegritylog(argv[1],dn, newrdn, newsuperior);
@@ -313,11 +317,13 @@ int isFatalSearchError(int search_result)
}
static int
-_do_modify(Slapi_PBlock *mod_pb, const char *entryDN, LDAPMod **mods)
+_do_modify(Slapi_PBlock *mod_pb, const char *entryDN, LDAPMod **mods, void *txn)
{
int rc = 0;
slapi_pblock_init(mod_pb);
+ /* set the transaction to use */
+ slapi_pblock_set(mod_pb, SLAPI_TXN, txn);
/* Use internal operation API */
slapi_modify_internal_set_pb(mod_pb, entryDN, mods, NULL, NULL,
@@ -339,7 +345,7 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
char *norm_origDN, /* normalized original DN */
char *newRDN, /* new RDN from modrdn */
char *newsuperior, /* new superior from modrdn */
- Slapi_PBlock *mod_pb)
+ Slapi_PBlock *mod_pb, void *txn)
{
LDAPMod *list_of_mods[3];
char *values_del[2];
@@ -362,7 +368,7 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
list_of_mods[0] = &attribute1;
/* terminate list of mods. */
list_of_mods[1] = NULL;
- rc = _do_modify(mod_pb, entryDN, list_of_mods);
+ rc = _do_modify(mod_pb, entryDN, list_of_mods, txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: deleting \"%s: %s\" failed (%d)"
@@ -440,7 +446,7 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
attribute2.mod_values = values_add;
list_of_mods[1] = &attribute2;
list_of_mods[2] = NULL;
- rc = _do_modify(mod_pb, entryDN, list_of_mods);
+ rc = _do_modify(mod_pb, entryDN, list_of_mods, txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: replacing \"%s: %s\" "
@@ -469,7 +475,7 @@ _update_one_per_mod(const char *entryDN, /* DN of the searched entry */
attribute2.mod_values = values_add;
list_of_mods[1] = &attribute2;
list_of_mods[2] = NULL;
- rc = _do_modify(mod_pb, entryDN, list_of_mods);
+ rc = _do_modify(mod_pb, entryDN, list_of_mods, txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: replacing \"%s: %s\" "
@@ -504,7 +510,7 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
char *norm_origDN, /* normalized original DN */
char *newRDN, /* new RDN from modrdn */
char *newsuperior, /* new superior from modrdn */
- Slapi_PBlock *mod_pb)
+ Slapi_PBlock *mod_pb, void *txn)
{
Slapi_Mods *smods = NULL;
char *newDN = NULL;
@@ -531,7 +537,7 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
mods[0] = &attribute1;
/* terminate list of mods. */
mods[1] = NULL;
- rc = _do_modify(mod_pb, entryDN, mods);
+ rc = _do_modify(mod_pb, entryDN, mods, txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: deleting \"%s: %s\" failed (%d)"
@@ -612,7 +618,7 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
/* else: value does not include the modified DN. Ignore it. */
slapi_ch_free_string(&sval);
}
- rc = _do_modify(mod_pb, entryDN, slapi_mods_get_ldapmods_byref(smods));
+ rc = _do_modify(mod_pb, entryDN, slapi_mods_get_ldapmods_byref(smods), txn);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_all_value: entry %s failed (%d)\n",
@@ -633,7 +639,7 @@ _update_all_per_mod(const char *entryDN, /* DN of the searched entry */
int
update_integrity(char **argv, char *origDN,
- char *newrDN, char *newsuperior, int logChanges)
+ char *newrDN, char *newsuperior, int logChanges, void *txn)
{
Slapi_PBlock *search_result_pb = NULL;
Slapi_PBlock *mod_pb = slapi_pblock_new();
@@ -654,7 +660,7 @@ update_integrity(char **argv, char *origDN,
rc = -1;
goto free_and_return;
}
-
+
/* for now, just putting attributes to keep integrity on in conf file,
until resolve the other timing mode issue */
@@ -688,6 +694,8 @@ update_integrity(char **argv, char *origDN,
/* Use new search API */
slapi_pblock_init(search_result_pb);
+ /* set the parent txn for the search ops */
+ slapi_pblock_set(search_result_pb, SLAPI_TXN, txn);
slapi_search_internal_set_pb(search_result_pb, search_base,
LDAP_SCOPE_SUBTREE, filter, attrs, 0 /* attrs only */,
NULL, NULL, referint_plugin_identity, 0);
@@ -740,14 +748,14 @@ update_integrity(char **argv, char *origDN,
attr, attrName,
origDN, norm_origDN,
newrDN, newsuperior,
- mod_pb);
+ mod_pb, txn);
} else {
rc = _update_all_per_mod(
slapi_entry_get_dn(search_entries[j]),
attr, attrName,
origDN, norm_origDN,
newrDN, newsuperior,
- mod_pb);
+ mod_pb, txn);
}
/* Should we stop if one modify returns an error? */
}
@@ -955,7 +963,7 @@ referint_thread_func(void *arg)
tmpsuperior = slapi_ch_smprintf("%s", ptoken);
}
- update_integrity(plugin_argv, tmpdn, tmprdn, tmpsuperior, logChanges);
+ update_integrity(plugin_argv, tmpdn, tmprdn, tmpsuperior, logChanges, NULL);
slapi_ch_free_string(&tmpdn);
slapi_ch_free_string(&tmprdn);
12 years, 6 months
VERSION.sh
by Richard Allen Megginson
VERSION.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit b6080f72b85a67114525ed844c4fbd4aa18f8611
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Oct 7 21:27:36 2011 -0600
bump version to 1.2.10.a5
diff --git a/VERSION.sh b/VERSION.sh
index ad2faef..f0e4468 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -14,7 +14,7 @@ VERSION_MAINT=10
# if this is a PRERELEASE, set VERSION_PREREL
# otherwise, comment it out
# be sure to include the dot prefix in the prerel
-VERSION_PREREL=.a4
+VERSION_PREREL=.a5
# NOTES on VERSION_PREREL
# use aN for an alpha release e.g. a1, a2, etc.
# use rcN for a release candidate e.g. rc1, rc2, etc.
12 years, 7 months