/* writes the current cookie into dse.ldif under the replication agreement entry
returns: ldap result code of the operation. */
int
windows_private_save_dirsync_cookie(const Repl_Agmt *ra)
{
Dirsync_Private *dp = NULL;
Slapi_PBlock *pb = NULL;
Slapi_DN* sdn = NULL;
int rc = 0;
Slapi_Mods *mods = NULL;
LDAPDebug0Args( LDAP_DEBUG_TRACE, "=> windows_private_save_dirsync_cookie\n" );
PR_ASSERT(ra);
dp = (Dirsync_Private *) agmt_get_priv(ra);
PR_ASSERT (dp);
pb = slapi_pblock_new ();
mods = windows_private_get_cookie_mod(dp, LDAP_MOD_REPLACE);
sdn = slapi_sdn_dup( agmt_get_dn_byref(ra) );
slapi_modify_internal_set_pb_ext (pb, sdn,
slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
if (rc == LDAP_NO_SUCH_ATTRIBUTE)
{ /* try again, but as an add instead */
slapi_mods_free(&mods);
mods = windows_private_get_cookie_mod(dp, LDAP_MOD_ADD);
slapi_modify_internal_set_pb_ext (pb, sdn,
slapi_mods_get_ldapmods_byref(mods), NULL, NULL,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
}
slapi_pblock_destroy (pb);
slapi_mods_free(&mods);
slapi_sdn_free(&sdn);
LDAPDebug0Args( LDAP_DEBUG_TRACE, "<= windows_private_save_dirsync_cookie\n" );
return rc;
}
int
urp_fixup_modify_entry (const char *uniqueid, const Slapi_DN *sdn, CSN *opcsn, Slapi_Mods *smods, int opflags)
{
Slapi_PBlock *newpb;
Slapi_Operation *op;
int op_result;
newpb = slapi_pblock_new();
slapi_modify_internal_set_pb_ext (
newpb,
sdn,
slapi_mods_get_ldapmods_byref (smods),
NULL, /* Controls */
uniqueid,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION),
OP_FLAG_REPLICATED | OP_FLAG_REPL_FIXUP | opflags);
/* set operation csn */
slapi_pblock_get (newpb, SLAPI_OPERATION, &op);
operation_set_csn (op, opcsn);
/* do modify */
slapi_modify_internal_pb (newpb);
slapi_pblock_get (newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result);
slapi_pblock_destroy(newpb);
return op_result;
}
void
pw_apply_mods(const Slapi_DN *sdn, Slapi_Mods *mods)
{
Slapi_PBlock pb;
int res;
if (mods && (slapi_mods_get_num_mods(mods) > 0))
{
pblock_init(&pb);
/* We don't want to overwrite the modifiersname, etc. attributes,
* so we set a flag for this operation */
slapi_modify_internal_set_pb_ext (&pb, sdn,
slapi_mods_get_ldapmods_byref(mods),
NULL, /* Controls */
NULL, /* UniqueID */
pw_get_componentID(), /* PluginID */
OP_FLAG_SKIP_MODIFIED_ATTRS); /* Flags */
slapi_modify_internal_pb (&pb);
slapi_pblock_get(&pb, SLAPI_PLUGIN_INTOP_RESULT, &res);
if (res != LDAP_SUCCESS){
LDAPDebug2Args(LDAP_DEBUG_ANY,
"WARNING: passwordPolicy modify error %d on entry '%s'\n",
res, slapi_sdn_get_dn(sdn));
}
pblock_done(&pb);
}
return;
}
static int upgrade_db_3x_40(backend *be)
{
struct ldbminfo *li = (struct ldbminfo *) be->be_database->plg_private;
int ret = 0;
back_txn txn;
static char* indexes_modified[] = {"parentid", "numsubordinates", NULL};
LDAPDebug( LDAP_DEBUG_ANY, "WARNING: Detected a database older than this server, upgrading data...\n",0,0,0);
dblayer_txn_init(li,&txn);
ret = dblayer_txn_begin(li,NULL,&txn);
if (0 != ret) {
ldbm_nasty(filename,69,ret);
goto error;
}
ret = indexfile_delete_all_keys(be,"parentid",&txn);
if (0 != ret) {
ldbm_nasty(filename,70,ret);
goto error;
}
{
Slapi_Mods smods;
slapi_mods_init(&smods,1);
/* Mods are to remove the hassubordinates attribute */
slapi_mods_add(&smods, LDAP_MOD_DELETE, "hassubordinates", 0, NULL);
/* This function takes care of generating the subordinatecount attribute and indexing it */
ret = indexfile_primary_modifyall(be,slapi_mods_get_ldapmods_byref(&smods),indexes_modified,&txn);
slapi_mods_done(&smods);
}
if (0 != ret) {
ldbm_nasty(filename,61,ret);
}
error:
if (0 != ret ) {
dblayer_txn_abort(li,&txn);
} else {
ret = dblayer_txn_commit(li,&txn);
if (0 != ret) {
ldbm_nasty(filename,60,ret);
} else {
/* Now update DBVERSION file */
}
}
if (0 == ret) {
LDAPDebug( LDAP_DEBUG_ANY, "...upgrade complete.\n",0,0,0);
} else {
LDAPDebug( LDAP_DEBUG_ANY, "ERROR: Attempt to upgrade the older database FAILED.\n",0,0,0);
}
return ret;
}
/* This routine does that part of a modify operation which involves
updating the on-disk data: updates idices, id2entry.
Copes properly with DB_LOCK_DEADLOCK. The caller must be able to cope with
DB_LOCK_DEADLOCK returned.
The caller is presumed to proceed as follows:
Find the entry you want to modify;
Lock it for modify;
Make a copy of it; (call backentry_dup() )
Apply modifications to the copy in memory (call entry_apply_mods() )
begin transaction;
Do any other mods to on-disk data you want
Call this routine;
Commit transaction;
You pass it environment data: struct ldbminfo, pb (not sure why, but the vlv code seems to need it)
the copy of the entry before modfication, the entry after modification;
an LDAPMods array containing the modifications performed
*/
int modify_update_all(backend *be, Slapi_PBlock *pb,
modify_context *mc,
back_txn *txn)
{
static char *function_name = "modify_update_all";
Slapi_Operation *operation;
int is_ruv = 0; /* True if the current entry is RUV */
int retval = 0;
if (pb) { /* pb could be NULL if it's called from import */
slapi_pblock_get( pb, SLAPI_OPERATION, &operation );
is_ruv = operation_is_flag_set(operation, OP_FLAG_REPL_RUV);
}
/*
* Update the ID to Entry index.
* Note that id2entry_add replaces the entry, so the Entry ID stays the same.
*/
retval = id2entry_add_ext( be, mc->new_entry, txn, mc->attr_encrypt, NULL );
if ( 0 != retval ) {
if (DB_LOCK_DEADLOCK != retval)
{
ldbm_nasty(function_name,"",66,retval);
}
goto error;
}
retval = index_add_mods( be, slapi_mods_get_ldapmods_byref(mc->smods), mc->old_entry, mc->new_entry, txn );
if ( 0 != retval ) {
if (DB_LOCK_DEADLOCK != retval)
{
ldbm_nasty(function_name,"",65,retval);
}
goto error;
}
/*
* Remove the old entry from the Virtual List View indexes.
* Add the new entry to the Virtual List View indexes.
* Because the VLV code calls slapi_filter_test(), which requires a pb (why?),
* we allow the caller sans pb to get everything except vlv indexing.
*/
if (NULL != pb && !is_ruv) {
retval= vlv_update_all_indexes(txn, be, pb, mc->old_entry, mc->new_entry);
if ( 0 != retval ) {
if (DB_LOCK_DEADLOCK != retval)
{
ldbm_nasty(function_name,"",64,retval);
}
goto error;
}
}
error:
return retval;
}
int modify_apply_mods_ignore_error(modify_context *mc, Slapi_Mods *smods, int error)
{
int ret = 0;
/* Make a copy of the entry */
PR_ASSERT(mc->old_entry != NULL);
PR_ASSERT(mc->new_entry == NULL);
mc->new_entry = backentry_dup(mc->old_entry);
PR_ASSERT(smods!=NULL);
if ( mods_have_effect (mc->new_entry->ep_entry, smods) ) {
ret = entry_apply_mods_ignore_error( mc->new_entry->ep_entry, slapi_mods_get_ldapmods_byref(smods), error);
}
mc->smods= smods;
if (error == ret) {
ret = LDAP_SUCCESS;
}
return ret;
}
/* Construct Mods pblock and perform the modify operation
* Sets result of operation in SLAPI_PLUGIN_INTOP_RESULT
*/
int ipapwd_apply_mods(const char *dn, Slapi_Mods *mods)
{
Slapi_PBlock *pb;
int ret;
LOG_TRACE("=>\n");
if (!mods || (slapi_mods_get_num_mods(mods) == 0)) {
return -1;
}
pb = slapi_pblock_new();
slapi_modify_internal_set_pb(pb, dn,
slapi_mods_get_ldapmods_byref(mods),
NULL, /* Controls */
NULL, /* UniqueID */
ipapwd_plugin_id, /* PluginID */
0); /* Flags */
ret = slapi_modify_internal_pb(pb);
if (ret) {
LOG_TRACE("WARNING: modify error %d on entry '%s'\n", ret, dn);
} else {
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &ret);
if (ret != LDAP_SUCCESS){
LOG_TRACE("WARNING: modify error %d on entry '%s'\n", ret, dn);
} else {
LOG_TRACE("<= Successful\n");
}
}
slapi_pblock_destroy(pb);
return ret;
}
/*
* update multiple attribute values per _do_modify
*/
static int
_update_all_per_mod(Slapi_DN *entrySDN, /* DN of the searched entry */
Slapi_Attr *attr, /* referred attribute */
char *attrName,
Slapi_DN *origDN, /* original DN that was modified */
char *newRDN, /* new RDN from modrdn */
const char *newsuperior, /* new superior from modrdn */
Slapi_PBlock *mod_pb)
{
Slapi_Mods *smods = NULL;
char *newDN = NULL;
char **dnParts = NULL;
char *sval = NULL;
char *newvalue = NULL;
char *p = NULL;
size_t dnlen = 0;
int rc = 0;
int nval = 0;
slapi_attr_get_numvalues(attr, &nval);
if (NULL == newRDN && NULL == newsuperior) {
/* in delete mode */
LDAPMod *mods[2];
char *values_del[2];
LDAPMod attribute1;
/* delete old dn so set that up */
values_del[0] = (char *)slapi_sdn_get_dn(origDN);
values_del[1] = NULL;
attribute1.mod_type = attrName;
attribute1.mod_op = LDAP_MOD_DELETE;
attribute1.mod_values = values_del;
mods[0] = &attribute1;
/* terminate list of mods. */
mods[1] = NULL;
rc = _do_modify(mod_pb, entrySDN, mods);
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_all_per_mod: entry %s: deleting \"%s: %s\" failed (%d)"
"\n", slapi_sdn_get_dn(entrySDN), attrName, slapi_sdn_get_dn(origDN), rc);
}
} else {
/* in modrdn mode */
const char *superior = NULL;
int nval = 0;
Slapi_Value *v = NULL;
if (NULL == origDN) {
slapi_log_error(SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_all_per_mod: NULL dn was passed\n");
goto bail;
}
/* need to put together rdn into a dn */
dnParts = slapi_ldap_explode_dn( slapi_sdn_get_dn(origDN), 0 );
if (NULL == dnParts) {
slapi_log_error(SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_all_per_mod: failed to explode dn %s\n",
slapi_sdn_get_dn(origDN));
goto bail;
}
if (NULL == newRDN) {
newRDN = dnParts[0];
}
if (newsuperior) {
superior = newsuperior;
} else {
/* do not free superior */
superior = slapi_dn_find_parent(slapi_sdn_get_dn(origDN));
}
/* newRDN and superior are already normalized. */
newDN = slapi_ch_smprintf("%s,%s", newRDN, superior);
slapi_dn_ignore_case(newDN);
/*
* Compare the modified dn with the value of
* the target attribute of referint to find out
* the modified dn is the ancestor (case 2) or
* the value itself (case 1).
*
* E.g.,
* (case 1)
* modrdn: uid=A,ou=B,o=C --> uid=A',ou=B',o=C
* (origDN) (newDN)
* member: uid=A,ou=B,ou=C --> uid=A',ou=B',ou=C
* (sval) (newDN)
*
* (case 2)
* modrdn: ou=B,o=C --> ou=B',o=C
* (origDN) (newDN)
* member: uid=A,ou=B,ou=C --> uid=A,ou=B',ou=C
* (sval) (sval' + newDN)
*/
slapi_attr_get_numvalues(attr, &nval);
smods = slapi_mods_new();
slapi_mods_init(smods, 2 * nval + 1);
for (nval = slapi_attr_first_value(attr, &v);
nval != -1;
nval = slapi_attr_next_value(attr, nval, &v)) {
p = NULL;
dnlen = 0;
/* DN syntax, which should be a string */
sval = slapi_ch_strdup(slapi_value_get_string(v));
rc = slapi_dn_normalize_case_ext(sval, 0, &p, &dnlen);
if (rc == 0) { /* sval is passed in; not terminated */
*(p + dnlen) = '\0';
sval = p;
} else if (rc > 0) {
slapi_ch_free_string(&sval);
sval = p;
}
/* else: (rc < 0) Ignore the DN normalization error for now. */
p = PL_strstr(sval, slapi_sdn_get_ndn(origDN));
if (p == sval) {
/* (case 1) */
slapi_mods_add_string(smods, LDAP_MOD_DELETE, attrName, sval);
slapi_mods_add_string(smods, LDAP_MOD_ADD, attrName, newDN);
} else if (p) {
/* (case 2) */
slapi_mods_add_string(smods, LDAP_MOD_DELETE, attrName, sval);
*p = '\0';
newvalue = slapi_ch_smprintf("%s%s", sval, newDN);
slapi_mods_add_string(smods, LDAP_MOD_ADD, attrName, newvalue);
slapi_ch_free_string(&newvalue);
}
/* else: value does not include the modified DN. Ignore it. */
slapi_ch_free_string(&sval);
}
rc = _do_modify(mod_pb, entrySDN, slapi_mods_get_ldapmods_byref(smods));
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_all_per_mod: entry %s failed (%d)\n",
slapi_sdn_get_dn(entrySDN), rc);
}
/* cleanup memory allocated for dnParts and newDN */
if (dnParts){
slapi_ldap_value_free(dnParts);
dnParts = NULL;
}
slapi_ch_free_string(&newDN);
slapi_mods_free(&smods);
}
bail:
return rc;
}