int ndb_modify_internal( Operation *op, NdbArgs *NA, const char **text, char *textbuf, size_t textlen ) { struct ndb_info *ni = (struct ndb_info *) op->o_bd->be_private; Modification *mod; Modifications *ml; Modifications *modlist = op->orm_modlist; NdbAttrInfo **modai, *atmp; const NdbDictionary::Dictionary *myDict; const NdbDictionary::Table *myTable; int got_oc = 0, nmods = 0, nai = 0, i, j; int rc, indexed = 0; Attribute *old = NULL; Debug( LDAP_DEBUG_TRACE, "ndb_modify_internal: 0x%08lx: %s\n", NA->e->e_id, NA->e->e_dn, 0); if ( !acl_check_modlist( op, NA->e, modlist )) { return LDAP_INSUFFICIENT_ACCESS; } old = attrs_dup( NA->e->e_attrs ); for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { mod = &ml->sml_mod; nmods++; switch ( mod->sm_op ) { case LDAP_MOD_ADD: Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: add %s\n", mod->sm_desc->ad_cname.bv_val, 0, 0); rc = modify_add_values( NA->e, mod, get_permissiveModify(op), text, textbuf, textlen ); if( rc != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: %d %s\n", rc, *text, 0); } break; case LDAP_MOD_DELETE: Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: delete %s\n", mod->sm_desc->ad_cname.bv_val, 0, 0); rc = ndb_modify_delete( NA->e, mod, get_permissiveModify(op), text, textbuf, textlen, NULL ); assert( rc != LDAP_TYPE_OR_VALUE_EXISTS ); if( rc != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: %d %s\n", rc, *text, 0); } break; case LDAP_MOD_REPLACE: Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: replace %s\n", mod->sm_desc->ad_cname.bv_val, 0, 0); rc = modify_replace_values( NA->e, mod, get_permissiveModify(op), text, textbuf, textlen ); if( rc != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: %d %s\n", rc, *text, 0); } break; case LDAP_MOD_INCREMENT: Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: increment %s\n", mod->sm_desc->ad_cname.bv_val, 0, 0); rc = modify_increment_values( NA->e, mod, get_permissiveModify(op), text, textbuf, textlen ); if( rc != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: %d %s\n", rc, *text, 0); } break; case SLAP_MOD_SOFTADD: Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: softadd %s\n", mod->sm_desc->ad_cname.bv_val, 0, 0); mod->sm_op = LDAP_MOD_ADD; rc = modify_add_values( NA->e, mod, get_permissiveModify(op), text, textbuf, textlen ); mod->sm_op = SLAP_MOD_SOFTADD; if ( rc == LDAP_TYPE_OR_VALUE_EXISTS ) { rc = LDAP_SUCCESS; } if( rc != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: %d %s\n", rc, *text, 0); } break; case SLAP_MOD_SOFTDEL: Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: softdel %s\n", mod->sm_desc->ad_cname.bv_val, 0, 0); mod->sm_op = LDAP_MOD_DELETE; rc = modify_delete_values( NA->e, mod, get_permissiveModify(op), text, textbuf, textlen ); mod->sm_op = SLAP_MOD_SOFTDEL; if ( rc == LDAP_NO_SUCH_ATTRIBUTE) { rc = LDAP_SUCCESS; } if( rc != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: %d %s\n", rc, *text, 0); } break; case SLAP_MOD_ADD_IF_NOT_PRESENT: Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: add_if_not_present %s\n", mod->sm_desc->ad_cname.bv_val, 0, 0); if ( attr_find( NA->e->e_attrs, mod->sm_desc ) ) { rc = LDAP_SUCCESS; break; } mod->sm_op = LDAP_MOD_ADD; rc = modify_add_values( NA->e, mod, get_permissiveModify(op), text, textbuf, textlen ); mod->sm_op = SLAP_MOD_ADD_IF_NOT_PRESENT; if( rc != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: %d %s\n", rc, *text, 0); } break; default: Debug(LDAP_DEBUG_ANY, "ndb_modify_internal: invalid op %d\n", mod->sm_op, 0, 0); *text = "Invalid modify operation"; rc = LDAP_OTHER; Debug(LDAP_DEBUG_ARGS, "ndb_modify_internal: %d %s\n", rc, *text, 0); } if ( rc != LDAP_SUCCESS ) { attrs_free( old ); return rc; } /* If objectClass was modified, reset the flags */ if ( mod->sm_desc == slap_schema.si_ad_objectClass ) { NA->e->e_ocflags = 0; got_oc = 1; } } /* check that the entry still obeys the schema */ rc = entry_schema_check( op, NA->e, NULL, get_relax(op), 0, NULL, text, textbuf, textlen ); if ( rc != LDAP_SUCCESS || op->o_noop ) { if ( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "entry failed schema check: %s\n", *text, 0, 0 ); } attrs_free( old ); return rc; } if ( got_oc ) { rc = ndb_entry_put_info( op->o_bd, NA, 1 ); if ( rc ) { attrs_free( old ); return rc; } } /* apply modifications to DB */ modai = (NdbAttrInfo **)op->o_tmpalloc( nmods * sizeof(NdbAttrInfo*), op->o_tmpmemctx ); /* Get the unique list of modified attributes */ ldap_pvt_thread_rdwr_rlock( &ni->ni_ai_rwlock ); for ( ml = modlist; ml != NULL; ml = ml->sml_next ) { /* Already took care of objectclass */ if ( ml->sml_desc == slap_schema.si_ad_objectClass ) continue; for ( i=0; i<nai; i++ ) { if ( ml->sml_desc->ad_type == modai[i]->na_attr ) break; } /* This attr was already updated */ if ( i < nai ) continue; modai[nai] = ndb_ai_find( ni, ml->sml_desc->ad_type ); if ( modai[nai]->na_flag & NDB_INFO_INDEX ) indexed++; nai++; } ldap_pvt_thread_rdwr_runlock( &ni->ni_ai_rwlock ); /* If got_oc, this was already done above */ if ( indexed && !got_oc) { rc = ndb_entry_put_info( op->o_bd, NA, 1 ); if ( rc ) { attrs_free( old ); return rc; } } myDict = NA->ndb->getDictionary(); /* sort modai so that OcInfo's are contiguous */ { int j, k; for ( i=0; i<nai; i++ ) { for ( j=i+1; j<nai; j++ ) { if ( modai[i]->na_oi == modai[j]->na_oi ) continue; for ( k=j+1; k<nai; k++ ) { if ( modai[i]->na_oi == modai[k]->na_oi ) { atmp = modai[j]; modai[j] = modai[k]; modai[k] = atmp; break; } } /* there are no more na_oi's that match modai[i] */ if ( k == nai ) { i = j; } } } } /* One call per table... */ for ( i=0; i<nai; i += j ) { atmp = modai[i]; for ( j=i+1; j<nai; j++ ) if ( atmp->na_oi != modai[j]->na_oi ) break; j -= i; myTable = myDict->getTable( atmp->na_oi->no_table.bv_val ); if ( !myTable ) continue; rc = ndb_oc_attrs( NA->txn, myTable, NA->e, atmp->na_oi, &modai[i], j, old ); if ( rc ) break; } attrs_free( old ); return rc; }
ID ndb_tool_entry_put( BackendDB *be, Entry *e, struct berval *text ) { struct ndb_info *ni = (struct ndb_info *) be->be_private; struct dn_id dtmp, *dptr; NdbArgs NA; NdbRdns rdns; int rc, slow = 0; Operation op = {0}; Opheader ohdr = {0}; assert( be != NULL ); assert( slapMode & SLAP_TOOL_MODE ); assert( text != NULL ); assert( text->bv_val != NULL ); assert( text->bv_val[0] == '\0' ); /* overconservative? */ Debug( LDAP_DEBUG_TRACE, "=> " LDAP_XSTRING(ndb_tool_entry_put) "( %ld, \"%s\" )\n", (long) e->e_id, e->e_dn, 0 ); if ( !be_issuffix( be, &e->e_nname )) { dnParent( &e->e_nname, &dtmp.dn ); dptr = (struct dn_id *)avl_find( myParents, &dtmp, ndb_dnid_cmp ); if ( !dptr ) slow = 1; } rdns.nr_num = 0; op.o_hdr = &ohdr; op.o_bd = be; op.o_tmpmemctx = NULL; op.o_tmpmfuncs = &ch_mfuncs; if ( !slow ) { rc = ndb_next_id( be, myNdb, &e->e_id ); if ( rc ) { snprintf( text->bv_val, text->bv_len, "next_id failed: %s (%d)", myNdb->getNdbError().message, myNdb->getNdbError().code ); Debug( LDAP_DEBUG_ANY, "=> ndb_tool_next_id: %s\n", text->bv_val, 0, 0 ); return rc; } } if ( !myPutTxn ) myPutTxn = myNdb->startTransaction(); if ( !myPutTxn ) { snprintf( text->bv_val, text->bv_len, "start_transaction failed: %s (%d)", myNdb->getNdbError().message, myNdb->getNdbError().code ); Debug( LDAP_DEBUG_ANY, "=> " LDAP_XSTRING(ndb_tool_entry_put) ": %s\n", text->bv_val, 0, 0 ); return NOID; } /* add dn2id indices */ ndb_dn2rdns( &e->e_name, &rdns ); NA.rdns = &rdns; NA.e = e; NA.ndb = myNdb; NA.txn = myPutTxn; if ( slow ) { rc = ndb_tool_next_id( &op, &NA, text, 0 ); if( rc != 0 ) { goto done; } } else { rc = ndb_entry_put_info( be, &NA, 0 ); if ( rc != 0 ) { goto done; } } /* id2entry index */ rc = ndb_entry_put_data( be, &NA ); if( rc != 0 ) { snprintf( text->bv_val, text->bv_len, "ndb_entry_put_data failed: %s (%d)", myNdb->getNdbError().message, myNdb->getNdbError().code ); Debug( LDAP_DEBUG_ANY, "=> " LDAP_XSTRING(ndb_tool_entry_put) ": %s\n", text->bv_val, 0, 0 ); goto done; } done: if( rc == 0 ) { myPutCnt++; if ( !( myPutCnt & 0x0f )) { rc = myPutTxn->execute(NdbTransaction::Commit); if( rc != 0 ) { snprintf( text->bv_val, text->bv_len, "txn_commit failed: %s (%d)", myPutTxn->getNdbError().message, myPutTxn->getNdbError().code ); Debug( LDAP_DEBUG_ANY, "=> " LDAP_XSTRING(ndb_tool_entry_put) ": %s\n", text->bv_val, 0, 0 ); e->e_id = NOID; } myPutTxn->close(); myPutTxn = NULL; } } else { snprintf( text->bv_val, text->bv_len, "txn_aborted! %s (%d)", myPutTxn->getNdbError().message, myPutTxn->getNdbError().code ); Debug( LDAP_DEBUG_ANY, "=> " LDAP_XSTRING(ndb_tool_entry_put) ": %s\n", text->bv_val, 0, 0 ); e->e_id = NOID; myPutTxn->close(); } return e->e_id; }
int ndb_back_modrdn( Operation *op, SlapReply *rs ) { struct ndb_info *ni = (struct ndb_info *) op->o_bd->be_private; AttributeDescription *children = slap_schema.si_ad_children; AttributeDescription *entry = slap_schema.si_ad_entry; struct berval new_dn = BER_BVNULL, new_ndn = BER_BVNULL; Entry e = {0}; Entry e2 = {0}; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; struct berval *np_dn = NULL; /* newSuperior dn */ struct berval *np_ndn = NULL; /* newSuperior ndn */ int manageDSAit = get_manageDSAit( op ); int num_retries = 0; NdbArgs NA, NA2; NdbRdns rdns, rdn2; struct berval matched; LDAPControl **preread_ctrl = NULL; LDAPControl **postread_ctrl = NULL; LDAPControl *ctrls[SLAP_MAX_RESPONSE_CONTROLS]; int num_ctrls = 0; int rc; Debug( LDAP_DEBUG_ARGS, "==>" LDAP_XSTRING(ndb_back_modrdn) "(%s,%s,%s)\n", op->o_req_dn.bv_val,op->oq_modrdn.rs_newrdn.bv_val, op->oq_modrdn.rs_newSup ? op->oq_modrdn.rs_newSup->bv_val : "NULL" ); ctrls[num_ctrls] = NULL; slap_mods_opattrs( op, &op->orr_modlist, 1 ); e.e_name = op->o_req_dn; e.e_nname = op->o_req_ndn; /* Get our NDB handle */ rs->sr_err = ndb_thread_handle( op, &NA.ndb ); rdns.nr_num = 0; NA.rdns = &rdns; NA.e = &e; NA2.ndb = NA.ndb; NA2.e = &e2; NA2.rdns = &rdn2; if( 0 ) { retry: /* transaction retry */ NA.txn->close(); NA.txn = NULL; if ( e.e_attrs ) { attrs_free( e.e_attrs ); e.e_attrs = NULL; } Debug( LDAP_DEBUG_TRACE, "==>" LDAP_XSTRING(ndb_back_modrdn) ": retrying...\n", 0, 0, 0 ); if ( op->o_abandon ) { rs->sr_err = SLAPD_ABANDON; goto return_results; } if ( NA2.ocs ) { ber_bvarray_free_x( NA2.ocs, op->o_tmpmemctx ); } if ( NA.ocs ) { ber_bvarray_free_x( NA.ocs, op->o_tmpmemctx ); } ndb_trans_backoff( ++num_retries ); } NA.ocs = NULL; NA2.ocs = NULL; /* begin transaction */ NA.txn = NA.ndb->startTransaction(); rs->sr_text = NULL; if( !NA.txn ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": startTransaction failed: %s (%d)\n", NA.ndb->getNdbError().message, NA.ndb->getNdbError().code, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } NA2.txn = NA.txn; /* get entry */ rs->sr_err = ndb_entry_get_info( op, &NA, 1, &matched ); switch( rs->sr_err ) { case 0: break; case LDAP_NO_SUCH_OBJECT: Debug( LDAP_DEBUG_ARGS, "<=- ndb_back_modrdn: no such object %s\n", op->o_req_dn.bv_val, 0, 0 ); rs->sr_matched = matched.bv_val; if ( NA.ocs ) ndb_check_referral( op, rs, &NA ); goto return_results; #if 0 case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; #endif case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } /* acquire and lock entry */ rs->sr_err = ndb_entry_get_data( op, &NA, 1 ); if ( rs->sr_err ) goto return_results; if ( !manageDSAit && is_entry_glue( &e )) { rs->sr_err = LDAP_NO_SUCH_OBJECT; goto return_results; } if ( get_assert( op ) && ( test_filter( op, &e, (Filter *)get_assertion( op )) != LDAP_COMPARE_TRUE )) { rs->sr_err = LDAP_ASSERTION_FAILED; goto return_results; } /* check write on old entry */ rs->sr_err = access_allowed( op, &e, entry, NULL, ACL_WRITE, NULL ); if ( ! rs->sr_err ) { Debug( LDAP_DEBUG_TRACE, "no access to entry\n", 0, 0, 0 ); rs->sr_text = "no write access to old entry"; rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } /* Can't do it if we have kids */ rs->sr_err = ndb_has_children( &NA, &rc ); if ( rs->sr_err ) { Debug(LDAP_DEBUG_ARGS, "<=- " LDAP_XSTRING(ndb_back_modrdn) ": has_children failed: %s (%d)\n", NA.txn->getNdbError().message, NA.txn->getNdbError().code, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } if ( rc == LDAP_COMPARE_TRUE ) { Debug(LDAP_DEBUG_ARGS, "<=- " LDAP_XSTRING(ndb_back_modrdn) ": non-leaf %s\n", op->o_req_dn.bv_val, 0, 0); rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF; rs->sr_text = "subtree rename not supported"; goto return_results; } if (!manageDSAit && is_entry_referral( &e ) ) { /* entry is a referral, don't allow modrdn */ rs->sr_ref = get_entry_referrals( op, &e ); Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": entry %s is referral\n", e.e_dn, 0, 0 ); rs->sr_err = LDAP_REFERRAL, rs->sr_matched = op->o_req_dn.bv_val; rs->sr_flags = REP_REF_MUSTBEFREED; goto return_results; } if ( be_issuffix( op->o_bd, &e.e_nname ) ) { /* There can only be one suffix entry */ rs->sr_err = LDAP_NAMING_VIOLATION; rs->sr_text = "cannot rename suffix entry"; goto return_results; } else { dnParent( &e.e_nname, &e2.e_nname ); dnParent( &e.e_name, &e2.e_name ); } /* check parent for "children" acl */ rs->sr_err = access_allowed( op, &e2, children, NULL, op->oq_modrdn.rs_newSup == NULL ? ACL_WRITE : ACL_WDEL, NULL ); if ( ! rs->sr_err ) { rs->sr_err = LDAP_INSUFFICIENT_ACCESS; Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0, 0, 0 ); rs->sr_text = "no write access to old parent's children"; goto return_results; } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": wr to children " "of entry %s OK\n", e2.e_name.bv_val, 0, 0 ); if ( op->oq_modrdn.rs_newSup != NULL ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": new parent \"%s\" requested...\n", op->oq_modrdn.rs_newSup->bv_val, 0, 0 ); /* newSuperior == oldParent? */ if( dn_match( &e2.e_nname, op->oq_modrdn.rs_nnewSup ) ) { Debug( LDAP_DEBUG_TRACE, "bdb_back_modrdn: " "new parent \"%s\" same as the old parent \"%s\"\n", op->oq_modrdn.rs_newSup->bv_val, e2.e_name.bv_val, 0 ); op->oq_modrdn.rs_newSup = NULL; /* ignore newSuperior */ } } if ( op->oq_modrdn.rs_newSup != NULL ) { if ( op->oq_modrdn.rs_newSup->bv_len ) { rdn2.nr_num = 0; np_dn = op->oq_modrdn.rs_newSup; np_ndn = op->oq_modrdn.rs_nnewSup; /* newSuperior == oldParent? - checked above */ /* newSuperior == entry being moved?, if so ==> ERROR */ if ( dnIsSuffix( np_ndn, &e.e_nname )) { rs->sr_err = LDAP_NO_SUCH_OBJECT; rs->sr_text = "new superior not found"; goto return_results; } /* Get Entry with dn=newSuperior. Does newSuperior exist? */ e2.e_name = *np_dn; e2.e_nname = *np_ndn; rs->sr_err = ndb_entry_get_info( op, &NA2, 1, NULL ); switch( rs->sr_err ) { case 0: break; case LDAP_NO_SUCH_OBJECT: Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": newSup(ndn=%s) not here!\n", np_ndn->bv_val, 0, 0); rs->sr_text = "new superior not found"; goto return_results; #if 0 case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; #endif case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } if ( NA2.ocs ) { Attribute a; int i; for ( i=0; !BER_BVISNULL( &NA2.ocs[i] ); i++); a.a_numvals = i; a.a_desc = slap_schema.si_ad_objectClass; a.a_vals = NA2.ocs; a.a_nvals = NA2.ocs; a.a_next = NULL; e2.e_attrs = &a; if ( is_entry_alias( &e2 )) { /* parent is an alias, don't allow move */ Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": entry is alias\n", 0, 0, 0 ); rs->sr_text = "new superior is an alias"; rs->sr_err = LDAP_ALIAS_PROBLEM; goto return_results; } if ( is_entry_referral( &e2 ) ) { /* parent is a referral, don't allow move */ Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": entry is referral\n", 0, 0, 0 ); rs->sr_text = "new superior is a referral"; rs->sr_err = LDAP_OTHER; goto return_results; } } } /* check newSuperior for "children" acl */ rs->sr_err = access_allowed( op, &e2, children, NULL, ACL_WADD, NULL ); if( ! rs->sr_err ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": no wr to newSup children\n", 0, 0, 0 ); rs->sr_text = "no write access to new superior's children"; rs->sr_err = LDAP_INSUFFICIENT_ACCESS; goto return_results; } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": wr to new parent OK id=%ld\n", (long) e2.e_id, 0, 0 ); } /* Build target dn and make sure target entry doesn't exist already. */ if (!new_dn.bv_val) { build_new_dn( &new_dn, &e2.e_name, &op->oq_modrdn.rs_newrdn, NULL ); } if (!new_ndn.bv_val) { build_new_dn( &new_ndn, &e2.e_nname, &op->oq_modrdn.rs_nnewrdn, NULL ); } Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": new ndn=%s\n", new_ndn.bv_val, 0, 0 ); /* Allow rename to same DN */ if ( !bvmatch ( &new_ndn, &e.e_nname )) { rdn2.nr_num = 0; e2.e_name = new_dn; e2.e_nname = new_ndn; NA2.ocs = &matched; rs->sr_err = ndb_entry_get_info( op, &NA2, 1, NULL ); NA2.ocs = NULL; switch( rs->sr_err ) { #if 0 case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; #endif case LDAP_NO_SUCH_OBJECT: break; case 0: rs->sr_err = LDAP_ALREADY_EXISTS; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } } assert( op->orr_modlist != NULL ); if( op->o_preread ) { if( preread_ctrl == NULL ) { preread_ctrl = &ctrls[num_ctrls++]; ctrls[num_ctrls] = NULL; } if( slap_read_controls( op, rs, &e, &slap_pre_read_bv, preread_ctrl ) ) { Debug( LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(ndb_back_modrdn) ": pre-read failed!\n", 0, 0, 0 ); if ( op->o_preread & SLAP_CONTROL_CRITICAL ) { /* FIXME: is it correct to abort * operation if control fails? */ goto return_results; } } } /* delete old DN */ rs->sr_err = ndb_entry_del_info( op->o_bd, &NA ); if ( rs->sr_err != 0 ) { Debug(LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(ndb_back_modrdn) ": dn2id del failed: %s (%d)\n", NA.txn->getNdbError().message, NA.txn->getNdbError().code, 0 ); #if 0 switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } #endif rs->sr_err = LDAP_OTHER; rs->sr_text = "DN index delete fail"; goto return_results; } /* copy entry fields */ e2.e_attrs = e.e_attrs; e2.e_id = e.e_id; /* add new DN */ rs->sr_err = ndb_entry_put_info( op->o_bd, &NA2, 0 ); if ( rs->sr_err != 0 ) { Debug(LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(ndb_back_modrdn) ": dn2id add failed: %s (%d)\n", NA.txn->getNdbError().message, NA.txn->getNdbError().code, 0 ); #if 0 switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } #endif rs->sr_err = LDAP_OTHER; rs->sr_text = "DN index add failed"; goto return_results; } /* modify entry */ rs->sr_err = ndb_modify_internal( op, &NA2, &rs->sr_text, textbuf, textlen ); if( rs->sr_err != LDAP_SUCCESS ) { Debug(LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(ndb_back_modrdn) ": modify failed: %s (%d)\n", NA.txn->getNdbError().message, NA.txn->getNdbError().code, 0 ); #if 0 switch( rs->sr_err ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; } #endif goto return_results; } e.e_attrs = e2.e_attrs; if( op->o_postread ) { if( postread_ctrl == NULL ) { postread_ctrl = &ctrls[num_ctrls++]; ctrls[num_ctrls] = NULL; } if( slap_read_controls( op, rs, &e2, &slap_post_read_bv, postread_ctrl ) ) { Debug( LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(ndb_back_modrdn) ": post-read failed!\n", 0, 0, 0 ); if ( op->o_postread & SLAP_CONTROL_CRITICAL ) { /* FIXME: is it correct to abort * operation if control fails? */ goto return_results; } } } if( op->o_noop ) { if (( rs->sr_err=NA.txn->execute( NdbTransaction::Rollback, NdbOperation::AbortOnError, 1 )) != 0 ) { rs->sr_text = "txn_abort (no-op) failed"; } else { rs->sr_err = LDAP_X_NO_OPERATION; } } else { if (( rs->sr_err=NA.txn->execute( NdbTransaction::Commit, NdbOperation::AbortOnError, 1 )) != 0 ) { rs->sr_text = "txn_commit failed"; } else { rs->sr_err = LDAP_SUCCESS; } } if( rs->sr_err != LDAP_SUCCESS && rs->sr_err != LDAP_X_NO_OPERATION ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": txn_%s failed: %s (%d)\n", op->o_noop ? "abort (no-op)" : "commit", NA.txn->getNdbError().message, NA.txn->getNdbError().code ); rs->sr_err = LDAP_OTHER; goto return_results; } NA.txn->close(); NA.txn = NULL; Debug(LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_modrdn) ": rdn modified%s id=%08lx dn=\"%s\"\n", op->o_noop ? " (no-op)" : "", e.e_id, op->o_req_dn.bv_val ); rs->sr_err = LDAP_SUCCESS; rs->sr_text = NULL; if( num_ctrls ) rs->sr_ctrls = ctrls; return_results: if ( NA2.ocs ) { ber_bvarray_free_x( NA2.ocs, op->o_tmpmemctx ); NA2.ocs = NULL; } if ( NA.ocs ) { ber_bvarray_free_x( NA.ocs, op->o_tmpmemctx ); NA.ocs = NULL; } if ( e.e_attrs ) { attrs_free( e.e_attrs ); e.e_attrs = NULL; } if( NA.txn != NULL ) { NA.txn->execute( Rollback ); NA.txn->close(); } send_ldap_result( op, rs ); slap_graduate_commit_csn( op ); if( new_dn.bv_val != NULL ) free( new_dn.bv_val ); if( new_ndn.bv_val != NULL ) free( new_ndn.bv_val ); if( preread_ctrl != NULL && (*preread_ctrl) != NULL ) { slap_sl_free( (*preread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); slap_sl_free( *preread_ctrl, op->o_tmpmemctx ); } if( postread_ctrl != NULL && (*postread_ctrl) != NULL ) { slap_sl_free( (*postread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); slap_sl_free( *postread_ctrl, op->o_tmpmemctx ); } rs->sr_text = NULL; return rs->sr_err; }
static int ndb_tool_next_id( Operation *op, NdbArgs *NA, struct berval *text, int hole ) { struct berval ndn = NA->e->e_nname; int rc; if (ndn.bv_len == 0) { NA->e->e_id = 0; return 0; } rc = ndb_entry_get_info( op, NA, 0, NULL ); if ( rc ) { Attribute *a, tmp = {0}; if ( !be_issuffix( op->o_bd, &ndn ) ) { struct dn_id *dptr; struct berval npdn; dnParent( &ndn, &npdn ); NA->e->e_nname = npdn; NA->rdns->nr_num--; rc = ndb_tool_next_id( op, NA, text, 1 ); NA->e->e_nname = ndn; NA->rdns->nr_num++; if ( rc ) { return rc; } /* If parent didn't exist, it was created just now * and its ID is now in e->e_id. */ dptr = (struct dn_id *)ch_malloc( sizeof( struct dn_id ) + npdn.bv_len + 1); dptr->id = NA->e->e_id; dptr->dn.bv_val = (char *)(dptr+1); strcpy(dptr->dn.bv_val, npdn.bv_val ); dptr->dn.bv_len = npdn.bv_len; if ( avl_insert( &myParents, dptr, ndb_dnid_cmp, avl_dup_error )) { ch_free( dptr ); } } rc = ndb_next_id( op->o_bd, myNdb, &NA->e->e_id ); if ( rc ) { snprintf( text->bv_val, text->bv_len, "next_id failed: %s (%d)", myNdb->getNdbError().message, myNdb->getNdbError().code ); Debug( LDAP_DEBUG_ANY, "=> ndb_tool_next_id: %s\n", text->bv_val, 0, 0 ); return rc; } if ( hole ) { a = NA->e->e_attrs; NA->e->e_attrs = &tmp; tmp.a_desc = slap_schema.si_ad_objectClass; tmp.a_vals = glueval; tmp.a_nvals = tmp.a_vals; tmp.a_numvals = 1; } rc = ndb_entry_put_info( op->o_bd, NA, 0 ); if ( hole ) { NA->e->e_attrs = a; } if ( rc ) { snprintf( text->bv_val, text->bv_len, "ndb_entry_put_info failed: %s (%d)", myNdb->getNdbError().message, myNdb->getNdbError().code ); Debug( LDAP_DEBUG_ANY, "=> ndb_tool_next_id: %s\n", text->bv_val, 0, 0 ); } else if ( hole ) { if ( nholes == nhmax - 1 ) { if ( holes == hbuf ) { holes = (dn_id *)ch_malloc( nhmax * sizeof(dn_id) * 2 ); AC_MEMCPY( holes, hbuf, sizeof(hbuf) ); } else { holes = (dn_id *)ch_realloc( holes, nhmax * sizeof(dn_id) * 2 ); } nhmax *= 2; } ber_dupbv( &holes[nholes].dn, &ndn ); holes[nholes++].id = NA->e->e_id; } } else if ( !hole ) { unsigned i; for ( i=0; i<nholes; i++) { if ( holes[i].id == NA->e->e_id ) { int j; free(holes[i].dn.bv_val); for (j=i;j<nholes;j++) holes[j] = holes[j+1]; holes[j].id = 0; nholes--; rc = ndb_entry_put_info( op->o_bd, NA, 1 ); break; } else if ( holes[i].id > NA->e->e_id ) { break; } } } return rc; }
extern "C" int ndb_back_add(Operation *op, SlapReply *rs ) { struct ndb_info *ni = (struct ndb_info *) op->o_bd->be_private; Entry p = {0}; Attribute poc; char textbuf[SLAP_TEXT_BUFLEN]; size_t textlen = sizeof textbuf; AttributeDescription *children = slap_schema.si_ad_children; AttributeDescription *entry = slap_schema.si_ad_entry; NdbArgs NA; NdbRdns rdns; struct berval matched; struct berval pdn, pndn; int num_retries = 0; int success; LDAPControl **postread_ctrl = NULL; LDAPControl *ctrls[SLAP_MAX_RESPONSE_CONTROLS]; int num_ctrls = 0; Debug(LDAP_DEBUG_ARGS, "==> " LDAP_XSTRING(ndb_back_add) ": %s\n", op->oq_add.rs_e->e_name.bv_val, 0, 0); ctrls[num_ctrls] = 0; /* check entry's schema */ rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL, get_relax(op), 1, NULL, &rs->sr_text, textbuf, textlen ); if ( rs->sr_err != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": entry failed schema check: " "%s (%d)\n", rs->sr_text, rs->sr_err, 0 ); goto return_results; } /* add opattrs to shadow as well, only missing attrs will actually * be added; helps compatibility with older OL versions */ rs->sr_err = slap_add_opattrs( op, &rs->sr_text, textbuf, textlen, 1 ); if ( rs->sr_err != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": entry failed op attrs add: " "%s (%d)\n", rs->sr_text, rs->sr_err, 0 ); goto return_results; } /* Get our NDB handle */ rs->sr_err = ndb_thread_handle( op, &NA.ndb ); /* * Get the parent dn and see if the corresponding entry exists. */ if ( be_issuffix( op->o_bd, &op->oq_add.rs_e->e_nname ) ) { pdn = slap_empty_bv; pndn = slap_empty_bv; } else { dnParent( &op->ora_e->e_name, &pdn ); dnParent( &op->ora_e->e_nname, &pndn ); } p.e_name = op->ora_e->e_name; p.e_nname = op->ora_e->e_nname; op->ora_e->e_id = NOID; rdns.nr_num = 0; NA.rdns = &rdns; if( 0 ) { retry: /* transaction retry */ NA.txn->close(); NA.txn = NULL; if ( op->o_abandon ) { rs->sr_err = SLAPD_ABANDON; goto return_results; } ndb_trans_backoff( ++num_retries ); } NA.txn = NA.ndb->startTransaction(); rs->sr_text = NULL; if( !NA.txn ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": startTransaction failed: %s (%d)\n", NA.ndb->getNdbError().message, NA.ndb->getNdbError().code, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } /* get entry or parent */ NA.e = &p; NA.ocs = NULL; rs->sr_err = ndb_entry_get_info( op, &NA, 0, &matched ); switch( rs->sr_err ) { case 0: rs->sr_err = LDAP_ALREADY_EXISTS; goto return_results; case LDAP_NO_SUCH_OBJECT: break; #if 0 case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto retry; #endif case LDAP_BUSY: rs->sr_text = "ldap server busy"; goto return_results; default: rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } if ( NA.ocs ) { int i; for ( i=0; !BER_BVISNULL( &NA.ocs[i] ); i++ ); poc.a_numvals = i; poc.a_desc = slap_schema.si_ad_objectClass; poc.a_vals = NA.ocs; poc.a_nvals = poc.a_vals; poc.a_next = NULL; p.e_attrs = &poc; } if ( ber_bvstrcasecmp( &pndn, &matched ) ) { rs->sr_matched = matched.bv_val; Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": parent " "does not exist\n", 0, 0, 0 ); rs->sr_text = "parent does not exist"; rs->sr_err = LDAP_NO_SUCH_OBJECT; if ( p.e_attrs && is_entry_referral( &p )) { is_ref: p.e_attrs = NULL; ndb_entry_get_data( op, &NA, 0 ); rs->sr_ref = get_entry_referrals( op, &p ); rs->sr_err = LDAP_REFERRAL; rs->sr_flags = REP_REF_MUSTBEFREED; attrs_free( p.e_attrs ); p.e_attrs = NULL; } goto return_results; } p.e_name = pdn; p.e_nname = pndn; rs->sr_err = access_allowed( op, &p, children, NULL, ACL_WADD, NULL ); if ( ! rs->sr_err ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": no write access to parent\n", 0, 0, 0 ); rs->sr_err = LDAP_INSUFFICIENT_ACCESS; rs->sr_text = "no write access to parent"; goto return_results; } if ( NA.ocs ) { if ( is_entry_subentry( &p )) { /* parent is a subentry, don't allow add */ Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": parent is subentry\n", 0, 0, 0 ); rs->sr_err = LDAP_OBJECT_CLASS_VIOLATION; rs->sr_text = "parent is a subentry"; goto return_results; } if ( is_entry_alias( &p ) ) { /* parent is an alias, don't allow add */ Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": parent is alias\n", 0, 0, 0 ); rs->sr_err = LDAP_ALIAS_PROBLEM; rs->sr_text = "parent is an alias"; goto return_results; } if ( is_entry_referral( &p ) ) { /* parent is a referral, don't allow add */ rs->sr_matched = p.e_name.bv_val; goto is_ref; } } rs->sr_err = access_allowed( op, op->ora_e, entry, NULL, ACL_WADD, NULL ); if ( ! rs->sr_err ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": no write access to entry\n", 0, 0, 0 ); rs->sr_err = LDAP_INSUFFICIENT_ACCESS; rs->sr_text = "no write access to entry"; goto return_results;; } /* * Check ACL for attribute write access */ if (!acl_check_modlist(op, op->ora_e, op->ora_modlist)) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_add) ": no write access to attribute\n", 0, 0, 0 ); rs->sr_err = LDAP_INSUFFICIENT_ACCESS; rs->sr_text = "no write access to attribute"; goto return_results;; } /* acquire entry ID */ if ( op->ora_e->e_id == NOID ) { rs->sr_err = ndb_next_id( op->o_bd, NA.ndb, &op->ora_e->e_id ); if( rs->sr_err != 0 ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": next_id failed (%d)\n", rs->sr_err, 0, 0 ); rs->sr_err = LDAP_OTHER; rs->sr_text = "internal error"; goto return_results; } } if ( matched.bv_val ) rdns.nr_num++; NA.e = op->ora_e; /* dn2id index */ rs->sr_err = ndb_entry_put_info( op->o_bd, &NA, 0 ); if ( rs->sr_err ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": ndb_entry_put_info failed (%d)\n", rs->sr_err, 0, 0 ); rs->sr_text = "internal error"; goto return_results; } /* id2entry index */ rs->sr_err = ndb_entry_put_data( op->o_bd, &NA ); if ( rs->sr_err ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": ndb_entry_put_data failed (%d) %s(%d)\n", rs->sr_err, NA.txn->getNdbError().message, NA.txn->getNdbError().code ); rs->sr_text = "internal error"; goto return_results; } /* post-read */ if( op->o_postread ) { if( postread_ctrl == NULL ) { postread_ctrl = &ctrls[num_ctrls++]; ctrls[num_ctrls] = NULL; } if ( slap_read_controls( op, rs, op->oq_add.rs_e, &slap_post_read_bv, postread_ctrl ) ) { Debug( LDAP_DEBUG_TRACE, "<=- " LDAP_XSTRING(ndb_back_add) ": post-read " "failed!\n", 0, 0, 0 ); if ( op->o_postread & SLAP_CONTROL_CRITICAL ) { /* FIXME: is it correct to abort * operation if control fails? */ goto return_results; } } } if ( op->o_noop ) { if (( rs->sr_err=NA.txn->execute( NdbTransaction::Rollback, NdbOperation::AbortOnError, 1 )) != 0 ) { rs->sr_text = "txn (no-op) failed"; } else { rs->sr_err = LDAP_X_NO_OPERATION; } } else { if(( rs->sr_err=NA.txn->execute( NdbTransaction::Commit, NdbOperation::AbortOnError, 1 )) != 0 ) { rs->sr_text = "txn_commit failed"; } else { rs->sr_err = LDAP_SUCCESS; } } if ( rs->sr_err != LDAP_SUCCESS && rs->sr_err != LDAP_X_NO_OPERATION ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": %s : %s (%d)\n", rs->sr_text, NA.txn->getNdbError().message, NA.txn->getNdbError().code ); rs->sr_err = LDAP_OTHER; goto return_results; } NA.txn->close(); NA.txn = NULL; Debug(LDAP_DEBUG_TRACE, LDAP_XSTRING(ndb_back_add) ": added%s id=%08lx dn=\"%s\"\n", op->o_noop ? " (no-op)" : "", op->oq_add.rs_e->e_id, op->oq_add.rs_e->e_dn ); rs->sr_text = NULL; if( num_ctrls ) rs->sr_ctrls = ctrls; return_results: success = rs->sr_err; send_ldap_result( op, rs ); slap_graduate_commit_csn( op ); if( NA.txn != NULL ) { NA.txn->execute( Rollback ); NA.txn->close(); } if( postread_ctrl != NULL && (*postread_ctrl) != NULL ) { slap_sl_free( (*postread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); slap_sl_free( *postread_ctrl, op->o_tmpmemctx ); } return rs->sr_err; }