|
Thanks to Nathan for his reviews and suggestions. Here's the
revised patch... Reduce the number of DN normalization . Adding SLAPI_TARGET_SDN as well as its macros, SLAPI_SEARCH_TARGET_ SDN SLAPI_ADD_TARGET_SDN, SLAPI_MODIFY_TARGET_SDN, etc. . Adding SLAPI_MODRDN_NEWSUPERIOR_SDN. . SLAPI_TARGET_DN and SLAPI_MODRDN_NEWSUPERIOR are kept for the back- ward compatibility. But they are marked as deprecated. They are pointing dn in SLAPI_TARGET_SDN and SLAPI_MODRDN_NEWSUPERIOR_SDN, respectively. . slapi_pblock_set(.., SLAPI_TARGET_DN/SLAPI_MODRDN_NEWSUPERIOR, dn) takes dn string and reset Slapi_DN to SLAPI_TARGET_SDN/SLAPI_MODRDN_ NEWSUPERIOR_SDN. . slapi_pblock_get(.., SLAPI_TARGET_DN/SLAPI_MODRDN_NEWSUPERIOR, &dn) retrieves dn out of SLAPI_TARGET_SDN/SLAPI_MODRDN_NEWSUPERIOR_SDN. . Replacing slapi_dn_normalization_ext call with generating Slapi_DN APIs (e.g., slapi_sdn_new_dn_...) as much as possible and stash it in pblock using SLAPI_TARGET_SDN. . When a normalized DN string is needed, get it using slapi_sdn_get_[n]dn from the stashed Slapi_DN. . Introduced a new field to Slapi_DN. "udn" for the original DN; "dn" is a normalized DN; "ndn" is a case- ignored normalized DN. Taking advantage of the knowledge of the stage of the DN, call the most efficient DN creating API (e.g., slapi_sdn_new_dn_... vs. slapi_sdn_new_normdn_... vs. slapi_sdn_new_ndn_...) Others . Replacing inefficient array assignment with memset (acl.c) and memcpy (idl_common.c). . Fixing invalid memory access in LASDnsBuild (lib/libaccess/lasdns.cpp). . Fixing compiler warnings. |
>From c8a522d1940b0d24bd9ef071d48b3d8c3196c83b Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@xxxxxxxxxx>
Date: Mon, 10 Oct 2011 17:08:07 -0700
Subject: [PATCH] Reduce the number of DN normalization
. Adding SLAPI_TARGET_SDN as well as its macros, SLAPI_SEARCH_TARGET_
SDN SLAPI_ADD_TARGET_SDN, SLAPI_MODIFY_TARGET_SDN, etc.
. Adding SLAPI_MODRDN_NEWSUPERIOR_SDN.
. SLAPI_TARGET_DN and SLAPI_MODRDN_NEWSUPERIOR are kept for the back-
ward compatibility. But they are marked as deprecated. They are
pointing dn in SLAPI_TARGET_SDN and SLAPI_MODRDN_NEWSUPERIOR_SDN,
respectively.
. slapi_pblock_set(.., SLAPI_TARGET_DN/SLAPI_MODRDN_NEWSUPERIOR, dn)
takes dn string and reset Slapi_DN to SLAPI_TARGET_SDN/SLAPI_MODRDN_
NEWSUPERIOR_SDN.
. slapi_pblock_get(.., SLAPI_TARGET_DN/SLAPI_MODRDN_NEWSUPERIOR, &dn)
retrieves dn out of SLAPI_TARGET_SDN/SLAPI_MODRDN_NEWSUPERIOR_SDN.
. Replacing slapi_dn_normalization_ext call with generating Slapi_DN
APIs (e.g., slapi_sdn_new_dn_...) as much as possible and stash it
in pblock using SLAPI_TARGET_SDN.
. When a normalized DN string is needed, get it using slapi_sdn_get_[n]dn
from the stashed Slapi_DN.
. Introduced a new field to Slapi_DN.
"udn" for the original DN; "dn" is a normalized DN; "ndn" is a case-
ignored normalized DN.
Taking advantage of the knowledge of the stage of the DN, call the
most efficient DN creating API (e.g., slapi_sdn_new_dn_... vs.
slapi_sdn_new_normdn_... vs. slapi_sdn_new_ndn_...)
Others
. Replacing inefficient array assignment with memset (acl.c) and
memcpy (idl_common.c).
. Fixing invalid memory access in LASDnsBuild (lib/libaccess/lasdns.cpp).
. Fixing compiler warnings.
---
ldap/servers/plugins/acctpolicy/acct_plugin.c | 11 +-
ldap/servers/plugins/acl/acl.c | 46 +--
ldap/servers/plugins/acl/acl.h | 2 +-
ldap/servers/plugins/acl/acl_ext.c | 8 +-
ldap/servers/plugins/acl/acleffectiverights.c | 9 +-
ldap/servers/plugins/acl/acllas.c | 32 +-
ldap/servers/plugins/acl/acllist.c | 43 +-
ldap/servers/plugins/acl/aclparse.c | 20 +-
ldap/servers/plugins/acl/aclplugin.c | 8 +-
ldap/servers/plugins/automember/automember.c | 90 ++---
ldap/servers/plugins/chainingdb/cb_add.c | 29 +-
ldap/servers/plugins/chainingdb/cb_bind.c | 61 ++--
ldap/servers/plugins/chainingdb/cb_compare.c | 46 ++-
ldap/servers/plugins/chainingdb/cb_controls.c | 6 +-
ldap/servers/plugins/chainingdb/cb_delete.c | 43 ++-
ldap/servers/plugins/chainingdb/cb_instance.c | 24 +-
ldap/servers/plugins/chainingdb/cb_modify.c | 55 ++--
ldap/servers/plugins/chainingdb/cb_modrdn.c | 39 ++-
ldap/servers/plugins/chainingdb/cb_search.c | 123 ++++---
ldap/servers/plugins/chainingdb/cb_utils.c | 2 +-
ldap/servers/plugins/cos/cos_cache.c | 6 +-
ldap/servers/plugins/dna/dna.c | 62 ++-
ldap/servers/plugins/linkedattrs/linked_attrs.c | 40 ++-
ldap/servers/plugins/linkedattrs/linked_attrs.h | 2 +-
ldap/servers/plugins/memberof/memberof.c | 10 +-
ldap/servers/plugins/mep/mep.c | 151 ++++----
ldap/servers/plugins/pam_passthru/pam_passthru.h | 2 +-
ldap/servers/plugins/pam_passthru/pam_ptconfig.c | 2 +-
ldap/servers/plugins/pam_passthru/pam_ptimpl.c | 16 +-
ldap/servers/plugins/pam_passthru/pam_ptpreop.c | 9 +-
ldap/servers/plugins/passthru/passthru.h | 4 +-
ldap/servers/plugins/passthru/ptbind.c | 6 +-
ldap/servers/plugins/passthru/ptconn.c | 8 +-
ldap/servers/plugins/passthru/ptpreop.c | 17 +-
ldap/servers/plugins/referint/referint.c | 19 +-
ldap/servers/plugins/replication/cl4_api.c | 2 +-
ldap/servers/plugins/replication/cl5_api.c | 80 ++--
ldap/servers/plugins/replication/cl5_test.c | 2 +-
ldap/servers/plugins/replication/legacy_consumer.c | 14 +-
ldap/servers/plugins/replication/repl.h | 2 +-
ldap/servers/plugins/replication/repl5.h | 2 +
ldap/servers/plugins/replication/repl5_agmt.c | 11 +-
ldap/servers/plugins/replication/repl5_agmtlist.c | 22 +-
.../plugins/replication/repl5_inc_protocol.c | 12 +-
ldap/servers/plugins/replication/repl5_init.c | 4 +-
.../servers/plugins/replication/repl5_mtnode_ext.c | 13 +-
ldap/servers/plugins/replication/repl5_plugins.c | 2 +-
ldap/servers/plugins/replication/repl5_replica.c | 8 +-
.../plugins/replication/repl5_replica_config.c | 8 +-
ldap/servers/plugins/replication/repl_bind.c | 6 +-
ldap/servers/plugins/replication/repl_compare.c | 17 +-
ldap/servers/plugins/replication/repl_connext.c | 2 +-
ldap/servers/plugins/replication/repl_extop.c | 25 +-
ldap/servers/plugins/replication/replutil.c | 2 +-
ldap/servers/plugins/replication/urp.c | 62 ++--
.../plugins/replication/windows_protocol_util.c | 34 +-
ldap/servers/plugins/retrocl/retrocl_po.c | 8 +-
ldap/servers/plugins/roles/roles_cache.c | 10 +-
ldap/servers/plugins/statechange/statechange.c | 19 +-
ldap/servers/plugins/uiduniq/7bit.c | 41 ++-
ldap/servers/plugins/uiduniq/uid.c | 137 ++++----
ldap/servers/plugins/views/views.c | 11 +-
ldap/servers/slapd/add.c | 68 ++--
ldap/servers/slapd/auditlog.c | 25 +-
ldap/servers/slapd/back-ldbm/dblayer.c | 2 -
ldap/servers/slapd/back-ldbm/dn2entry.c | 27 +-
ldap/servers/slapd/back-ldbm/findentry.c | 18 +-
ldap/servers/slapd/back-ldbm/id2entry.c | 20 +-
ldap/servers/slapd/back-ldbm/idl_common.c | 6 +-
ldap/servers/slapd/back-ldbm/import-threads.c | 74 ++--
ldap/servers/slapd/back-ldbm/instance.c | 1 +
ldap/servers/slapd/back-ldbm/ldbm_add.c | 45 ++-
ldap/servers/slapd/back-ldbm/ldbm_config.c | 30 ++-
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 16 +-
ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c | 4 +-
.../servers/slapd/back-ldbm/ldbm_instance_config.c | 21 +-
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 2 +-
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 111 +++---
ldap/servers/slapd/back-ldbm/ldbm_search.c | 87 +++--
ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 32 +-
ldap/servers/slapd/back-ldbm/misc.c | 3 +-
ldap/servers/slapd/back-ldbm/vlv_srch.c | 2 +-
ldap/servers/slapd/bind.c | 79 ++---
ldap/servers/slapd/bulk_import.c | 39 +--
ldap/servers/slapd/compare.c | 36 +-
ldap/servers/slapd/delete.c | 77 ++--
ldap/servers/slapd/dn.c | 403 ++++++++++++++------
ldap/servers/slapd/dse.c | 98 ++----
ldap/servers/slapd/entry.c | 142 +++++---
ldap/servers/slapd/extendop.c | 21 +-
ldap/servers/slapd/fedse.c | 2 +-
ldap/servers/slapd/libglobs.c | 5 +-
ldap/servers/slapd/main.c | 32 ++-
ldap/servers/slapd/mapping_tree.c | 24 +-
ldap/servers/slapd/modify.c | 78 ++---
ldap/servers/slapd/modrdn.c | 247 ++++++------
ldap/servers/slapd/operation.c | 25 +-
ldap/servers/slapd/opshared.c | 120 ++++---
ldap/servers/slapd/passwd_extop.c | 140 +++----
ldap/servers/slapd/pblock.c | 120 +++++-
ldap/servers/slapd/plugin.c | 80 ++--
ldap/servers/slapd/plugin_acl.c | 19 +-
ldap/servers/slapd/plugin_internal_op.c | 99 +++---
ldap/servers/slapd/plugin_syntax.c | 10 +-
ldap/servers/slapd/proxyauth.c | 4 +-
ldap/servers/slapd/psearch.c | 64 ++--
ldap/servers/slapd/pw.c | 17 +-
ldap/servers/slapd/pw_retry.c | 36 ++-
ldap/servers/slapd/rdn.c | 20 +-
ldap/servers/slapd/referral.c | 21 +-
ldap/servers/slapd/result.c | 10 +-
ldap/servers/slapd/saslbind.c | 25 +-
ldap/servers/slapd/search.c | 42 +--
ldap/servers/slapd/slap.h | 5 +-
ldap/servers/slapd/slapi-plugin.h | 247 +++++++++++--
ldap/servers/slapd/slapi-private.h | 8 +-
ldap/servers/slapd/task.c | 54 +++-
ldap/servers/slapd/tools/ldclt/ldapfct.c | 5 +-
lib/libaccess/lasdns.cpp | 8 +-
119 files changed, 2656 insertions(+), 2007 deletions(-)
diff --git a/ldap/servers/plugins/acctpolicy/acct_plugin.c b/ldap/servers/plugins/acctpolicy/acct_plugin.c
index 6d9edb3..5969bec 100644
--- a/ldap/servers/plugins/acctpolicy/acct_plugin.c
+++ b/ldap/servers/plugins/acctpolicy/acct_plugin.c
@@ -32,7 +32,7 @@ Hewlett-Packard Development Company, L.P.
login time plus the limit to decide whether to deny the bind.
*/
static int
-acct_inact_limit( Slapi_PBlock *pb, char *dn, Slapi_Entry *target_entry, acctPolicy *policy )
+acct_inact_limit( Slapi_PBlock *pb, const char *dn, Slapi_Entry *target_entry, acctPolicy *policy )
{
char *lasttimestr = NULL;
time_t lim_t, last_t, cur_t;
@@ -153,7 +153,7 @@ done:
int
acct_bind_preop( Slapi_PBlock *pb )
{
- char *dn = NULL;
+ const char *dn = NULL;
Slapi_DN *sdn = NULL;
Slapi_Entry *target_entry = NULL;
int rc = 0; /* Optimistic default */
@@ -167,20 +167,19 @@ acct_bind_preop( Slapi_PBlock *pb )
plugin_id = get_identity();
/* This does not give a copy, so don't free it */
- if( slapi_pblock_get( pb, SLAPI_BIND_TARGET, &dn ) != 0 ) {
+ if( slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &sdn ) != 0 ) {
slapi_log_error( SLAPI_LOG_FATAL, PRE_PLUGIN_NAME,
"Error retrieving target DN\n" );
rc = -1;
goto done;
}
+ dn = slapi_sdn_get_dn(sdn);
/* The plugin wouldn't get called for anonymous binds but let's check */
if ( dn == NULL ) {
goto done;
}
- sdn = slapi_sdn_new_dn_byref( dn );
-
ldrc = slapi_search_internal_get_entry( sdn, NULL, &target_entry,
plugin_id );
@@ -222,8 +221,6 @@ done:
slapi_entry_free( target_entry );
- slapi_sdn_free( &sdn );
-
free_acctpolicy( &policy );
slapi_log_error( SLAPI_LOG_PLUGIN, PRE_PLUGIN_NAME,
diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c
index 2794694..0e440aa 100644
--- a/ldap/servers/plugins/acl/acl.c
+++ b/ldap/servers/plugins/acl/acl.c
@@ -95,8 +95,8 @@ static void print_access_control_summary( char * source,
char *attr,
const char *edn,
aclResultReason_t *acl_reason);
-static int check_rdn_access( Slapi_PBlock *pb,Slapi_Entry *e, char * newrdn,
- int access);
+static int check_rdn_access( Slapi_PBlock *pb, Slapi_Entry *e,
+ const char * newrdn, int access);
/*
@@ -117,7 +117,9 @@ acl_access_allowed_modrdn(
)
{
int retCode ;
- char *newrdn, *oldrdn;
+ char *newrdn;
+ const char *oldrdn;
+ Slapi_DN *target_sdn = NULL;
int deleteoldrdn = 0;
/*
@@ -134,9 +136,8 @@ acl_access_allowed_modrdn(
}
/* Now get the new rdn attribute name and value */
-
- slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &oldrdn );
- slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
+ slapi_pblock_get( pb, SLAPI_MODRDN_TARGET_SDN, &target_sdn );
+ slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
/* Check can add the new naming attribute */
retCode = check_rdn_access( pb, e, newrdn, ACLPB_SLAPI_ACL_WRITE_ADD) ;
@@ -149,6 +150,7 @@ acl_access_allowed_modrdn(
/* Check can delete the new naming attribute--if required */
slapi_pblock_get( pb, SLAPI_MODRDN_DELOLDRDN, &deleteoldrdn );
if ( deleteoldrdn ) {
+ oldrdn = slapi_sdn_get_dn(target_sdn);
retCode = check_rdn_access( pb, e, oldrdn, ACLPB_SLAPI_ACL_WRITE_DEL) ;
if ( retCode != LDAP_SUCCESS ) {
slapi_log_error( SLAPI_LOG_ACL, plugin_name,
@@ -164,7 +166,7 @@ acl_access_allowed_modrdn(
* Test if have access to make the first rdn of dn in entry e.
*/
-static int check_rdn_access( Slapi_PBlock *pb, Slapi_Entry *e, char *dn,
+static int check_rdn_access( Slapi_PBlock *pb, Slapi_Entry *e, const char *dn,
int access) {
char **dns;
@@ -320,7 +322,7 @@ acl_access_allowed(
TNF_PROBE_0_DEBUG(acl_skipaccess_end,"ACL","");
- /* Get the bindDN */
+ /* Get the bindDN (normalized & case-ignored) */
slapi_pblock_get ( pb, SLAPI_REQUESTOR_DN, &clientDn );
/* Initialize aclpb */
@@ -486,7 +488,7 @@ acl_access_allowed(
TNF_PROBE_0_DEBUG(acl_aciscan_start,"ACL","");
slapi_sdn_done ( aclpb->aclpb_curr_entry_sdn );
- slapi_sdn_set_dn_byval ( aclpb->aclpb_curr_entry_sdn, n_edn );
+ slapi_sdn_set_ndn_byval ( aclpb->aclpb_curr_entry_sdn, n_edn );
acllist_aciscan_update_scan ( aclpb, n_edn );
TNF_PROBE_0_DEBUG(acl_aciscan_end,"ACL","");
@@ -1064,16 +1066,14 @@ acl_read_access_allowed_on_entry (
* which was found in the entry and that attribute is
* now in aclpb_Evalattr
*/
- aclpb->aclpb_state |=
- ACLPB_ACCESS_ALLOWED_USERATTR;
+ aclpb->aclpb_state |= ACLPB_ACCESS_ALLOWED_USERATTR;
} else {
#endif /* DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES */
/*
* Access was granted to _an_ attribute in the entry and that
* attribute is now in aclpb_Evalattr
*/
- aclpb->aclpb_state |=
- ACLPB_ACCESS_ALLOWED_ON_A_ATTR;
+ aclpb->aclpb_state |= ACLPB_ACCESS_ALLOWED_ON_A_ATTR;
#ifdef DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES
}
#endif /* DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES */
@@ -1084,8 +1084,8 @@ acl_read_access_allowed_on_entry (
} else {
/* try the next one */
attr_type = NULL;
-#ifdef DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES
- if (attr_index >= 0) {
+#ifdef DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES
+ if (attr_index >= 0) {
attr_type = attrs[attr_index++];
} else {
#endif /* DETERMINE_ACCESS_BASED_ON_REQUESTED_ATTRIBUTES */
@@ -1544,7 +1544,7 @@ acl_modified (Slapi_PBlock *pb, int optype, char *n_dn, void *change)
Slapi_DN *e_sdn;
aclUserGroup *ugroup = NULL;
- e_sdn = slapi_sdn_new_ndn_byval ( n_dn );
+ e_sdn = slapi_sdn_new_normdn_byval ( n_dn );
/* Before we proceed, Let's first check if we are changing any groups.
** If we are, then we need to change the signature
*/
@@ -1834,7 +1834,6 @@ acl__scan_for_acis(Acl_PBlock *aclpb, int *err)
int allow_handle;
int gen_allow_handle = ACI_MAX_ELEVEL+1;
int gen_deny_handle = ACI_MAX_ELEVEL+1;
- int i;
PRUint32 cookie;
TNF_PROBE_0_DEBUG(acl__scan_for_acis_start,"ACL","");
@@ -1847,20 +1846,18 @@ acl__scan_for_acis(Acl_PBlock *aclpb, int *err)
aclpb->aclpb_handles_index[0] != -1 ) {
int kk = 0;
while ( kk < ACLPB_MAX_SELECTED_ACLS && aclpb->aclpb_handles_index[kk] != -1 ) {
- slapi_log_error(SLAPI_LOG_ACL, plugin_name, "Using ACL Cointainer:%d for evaluation\n", kk);
+ slapi_log_error(SLAPI_LOG_ACL, plugin_name, "Using ACL Container:%d for evaluation\n", kk);
kk++;
}
}
-
+
memset (&errp, 0, sizeof(NSErr_t));
*err = ACL_FALSE;
aclpb->aclpb_num_deny_handles = -1;
aclpb->aclpb_num_allow_handles = -1;
- for (i=0; i <= ACI_MAX_ELEVEL; i++) {
- aclpb->aclpb_deny_handles [i] = NULL;
- aclpb->aclpb_allow_handles [i] = NULL;
- }
-
+ memset(aclpb->aclpb_deny_handles, 0, sizeof(aci_t *)*(ACI_MAX_ELEVEL+1));
+ memset(aclpb->aclpb_allow_handles, 0, sizeof(aci_t *)*(ACI_MAX_ELEVEL+1));
+
/* Check the signature. If it has changed, start fresh */
if ( aclpb->aclpb_signature != acl_signature ) {
slapi_log_error (SLAPI_LOG_ACL, plugin_name,
@@ -1871,7 +1868,6 @@ acl__scan_for_acis(Acl_PBlock *aclpb, int *err)
attr_matched = ACL_FALSE;
deny_handle = 0;
allow_handle = 0;
- i = 0;
aclpb->aclpb_stat_acllist_scanned++;
aci = acllist_get_first_aci ( aclpb, &cookie );
diff --git a/ldap/servers/plugins/acl/acl.h b/ldap/servers/plugins/acl/acl.h
index 0d97769..8747de1 100644
--- a/ldap/servers/plugins/acl/acl.h
+++ b/ldap/servers/plugins/acl/acl.h
@@ -838,7 +838,7 @@ void aclutil_print_resource( struct acl_pblock *aclpb, char *right , char *attr
char * aclutil_expand_paramString ( char *str, Slapi_Entry *e );
-void acllist_init_scan (Slapi_PBlock *pb, int scope, char *base);
+void acllist_init_scan (Slapi_PBlock *pb, int scope, const char *base);
aci_t * acllist_get_first_aci (Acl_PBlock *aclpb, PRUint32 *cookie );
aci_t * acllist_get_next_aci ( Acl_PBlock *aclpb, aci_t *curraci, PRUint32 *cookie );
aci_t * acllist_get_aci_new ();
diff --git a/ldap/servers/plugins/acl/acl_ext.c b/ldap/servers/plugins/acl/acl_ext.c
index 61d8dd1..df7d1ed 100644
--- a/ldap/servers/plugins/acl/acl_ext.c
+++ b/ldap/servers/plugins/acl/acl_ext.c
@@ -658,7 +658,7 @@ error:
/* Initializes the aclpb */
void
-acl_init_aclpb ( Slapi_PBlock *pb , Acl_PBlock *aclpb, const char *dn, int copy_from_aclcb)
+acl_init_aclpb ( Slapi_PBlock *pb , Acl_PBlock *aclpb, const char *ndn, int copy_from_aclcb)
{
struct acl_cblock *aclcb = NULL;
char *authType;
@@ -685,8 +685,8 @@ acl_init_aclpb ( Slapi_PBlock *pb , Acl_PBlock *aclpb, const char *dn, int copy_
aclpb->aclpb_state = ACLPB_INITIALIZED;
/* We make an anonymous user a non null dn which is empty */
- if (dn && *dn != '\0' )
- slapi_sdn_set_ndn_byval ( aclpb->aclpb_authorization_sdn, dn );
+ if (ndn && *ndn != '\0' )
+ slapi_sdn_set_ndn_byval ( aclpb->aclpb_authorization_sdn, ndn );
else
slapi_sdn_set_ndn_byval ( aclpb->aclpb_authorization_sdn, "" );
@@ -716,7 +716,7 @@ acl_init_aclpb ( Slapi_PBlock *pb , Acl_PBlock *aclpb, const char *dn, int copy_
slapi_pblock_get ( pb, SLAPI_CONN_CERT, &aclpb->aclpb_clientcert );
/* See if the we have already a cached info about user's group */
- aclg_init_userGroup ( aclpb, dn, 0 /* get lock */ );
+ aclg_init_userGroup ( aclpb, ndn, 0 /* get lock */ );
slapi_pblock_get( pb, SLAPI_BE_MAXNESTLEVEL, &aclpb->aclpb_max_nesting_level );
slapi_pblock_get( pb, SLAPI_SEARCH_SIZELIMIT, &aclpb->aclpb_max_member_sizelimit );
diff --git a/ldap/servers/plugins/acl/acleffectiverights.c b/ldap/servers/plugins/acl/acleffectiverights.c
index b596c8f..9b47dbc 100644
--- a/ldap/servers/plugins/acl/acleffectiverights.c
+++ b/ldap/servers/plugins/acl/acleffectiverights.c
@@ -284,6 +284,7 @@ _ger_parse_control (
slapi_ch_free_string(&orig);
*subjectndn = normed;
}
+ slapi_dn_ignore_case(*subjectndn);
return LDAP_SUCCESS;
}
@@ -839,7 +840,8 @@ _ger_generate_template_entry (
char *object = NULL;
char *superior = NULL;
char *p = NULL;
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
char *dntype = NULL;
int siz = 0;
int len = 0;
@@ -856,8 +858,6 @@ _ger_generate_template_entry (
rc = LDAP_SUCCESS;
goto bailout;
}
- /* get the target dn where the template entry is located */
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
for (i = 0; gerattrs && gerattrs[i]; i++)
{
object = strchr(gerattrs[i], '@');
@@ -907,6 +907,9 @@ _ger_generate_template_entry (
siz += strlen(attrs[i]) + 4 + 20;
}
}
+ /* get the target dn where the template entry is located */
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
if (dn)
{
/* dn: <attr>=<template_name>,<dn>\n\0 */
diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c
index e08c70c..0fcd163 100644
--- a/ldap/servers/plugins/acl/acllas.c
+++ b/ldap/servers/plugins/acl/acllas.c
@@ -671,19 +671,17 @@ DS_LASUserDnEval(NSErr_t *errp, char *attr_name, CmpOp_t comparator,
break;
}
if (rc == ACL_ERR) {
- slapi_log_error( SLAPI_LOG_ACL, plugin_name,
- "DS_LASUserDnEval:Error in matching patteren(%s)\n",
- user);
+ slapi_log_error( SLAPI_LOG_ACL, plugin_name,
+ "DS_LASUserDnEval:Error in matching patteren(%s)\n",
+ user);
}
slapi_filter_free(f,1);
} else {
/* Must be a simple dn then */
- char *normed = NULL;
- size_t dnlen = 0;
- rc = slapi_dn_normalize_ext(user, 0, &normed, &dnlen);
- if (rc == 0) { /* user passed in; not terminated */
- *(normed + dnlen) = '\0';
- } else if (rc < 0) { /* normalization failed, user the original */
+ char *normed = slapi_create_dn_string("%s", user);
+ if (NULL == normed) {
+ slapi_log_error( SLAPI_LOG_FATAL, plugin_name,
+ "DS_LASUserDnEval:Error in normalizing dn(%s)\n", user);
normed = user;
}
rc = slapi_utf8casecmp((ACLUCHP)lasinfo.clientDn, (ACLUCHP)normed);
@@ -2375,7 +2373,7 @@ static int
acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
{
struct eval_info *info;
- Slapi_Attr *currAttr, *nextAttr;
+ Slapi_Attr *currAttr, *nextAttr;
char *n_dn = NULL, *attrType;
int n;
int i;
@@ -2383,7 +2381,7 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
info = (struct eval_info *) callback_data;
info->result = ACL_FALSE;
- if (e == NULL) {
+ if (e == NULL) {
return 0;
}
@@ -2397,14 +2395,14 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
Slapi_Value *sval = NULL;
const struct berval *attrVal;
- if ((strcasecmp (attrType, type_member) == 0) ||
- (strcasecmp (attrType, type_uniquemember) == 0 )) {
+ if ((strcasecmp (attrType, type_member) == 0) ||
+ (strcasecmp (attrType, type_uniquemember) == 0 )) {
i = slapi_attr_first_value ( currAttr,&sval );
while ( i != -1 ) {
struct member_info *groupMember = NULL;
attrVal = slapi_value_get_berval ( sval );
- n_dn = slapi_create_dn_string( attrVal->bv_val );
+ n_dn = slapi_create_dn_string( "%s", attrVal->bv_val );
if (NULL == n_dn) {
slapi_log_error( SLAPI_LOG_FATAL, plugin_name,
"acllas__handle_group_entry: Invalid syntax: %s\n",
@@ -3598,9 +3596,9 @@ acllas__client_match_URL (struct acl_pblock *aclpb, char *n_clientdn, char *url
}
/* else - rawdn normalized in place */
normed = slapi_ch_smprintf("%s%s%s%s%s",
- (prefix_len==LDAP_URL_prefix_len)?
- LDAP_URL_prefix_core:LDAPS_URL_prefix_core,
- hostport?hostport:"", dn, p?"?":"",p?p+1:"");
+ (prefix_len==LDAP_URL_prefix_len)?
+ LDAP_URL_prefix_core:LDAPS_URL_prefix_core,
+ hostport?hostport:"", dn, p?"?":"",p?p+1:"");
if (p) {
*p = Q; /* put the Q back in rawdn which will un-null terminate the DN part */
}
diff --git a/ldap/servers/plugins/acl/acllist.c b/ldap/servers/plugins/acl/acllist.c
index b95baac..c3ce351 100644
--- a/ldap/servers/plugins/acl/acllist.c
+++ b/ldap/servers/plugins/acl/acllist.c
@@ -597,7 +597,7 @@ static void free_targetattrfilters( Targetattrfilter ***attrFilterArray) {
/* SEARCH */
void
-acllist_init_scan (Slapi_PBlock *pb, int scope, char *base)
+acllist_init_scan (Slapi_PBlock *pb, int scope, const char *base)
{
Acl_PBlock *aclpb;
int i;
@@ -625,7 +625,7 @@ acllist_init_scan (Slapi_PBlock *pb, int scope, char *base)
/* If base is NULL - it means we are going to go thru all the ACLs
* This is needed when we do anonymous profile generation.
- */
+ */
if ( NULL == base ) {
return;
}
@@ -638,22 +638,28 @@ acllist_init_scan (Slapi_PBlock *pb, int scope, char *base)
index = 0;
aclpb->aclpb_search_base = slapi_ch_strdup ( base );
- while (basedn ) {
+ while (basedn) {
char *tmp = NULL;
- slapi_sdn_set_ndn_byref ( aclpb->aclpb_aclContainer->acic_sdn, basedn );
+ slapi_sdn_set_normdn_byref(aclpb->aclpb_aclContainer->acic_sdn, basedn);
- root = (AciContainer *) avl_find( acllistRoot,
- (caddr_t) aclpb->aclpb_aclContainer,
- (IFP) __acllist_aciContainer_node_cmp);
+ root = (AciContainer *) avl_find(acllistRoot,
+ (caddr_t) aclpb->aclpb_aclContainer,
+ (IFP) __acllist_aciContainer_node_cmp);
if ( index >= ACLPB_MAX_SELECTED_ACLS -2 ) {
aclpb->aclpb_handles_index[0] = -1;
slapi_ch_free ( (void **) &basedn);
break;
- } else if ( NULL != root ) {
+ } else if ( NULL != root ) {
aclpb->aclpb_base_handles_index[index++] = root->acic_index;
aclpb->aclpb_base_handles_index[index] = -1;
- }
+ } else if ( NULL == root ) {
+ /* slapi_dn_parent returns the "parent" dn syntactically.
+ * Most likely, basedn is above suffix (e.g., dn=com).
+ * Thus, no need to make it FATAL. */
+ slapi_log_error ( SLAPI_LOG_ACL, plugin_name,
+ "Failed to find root for base: %s \n", basedn );
+ }
tmp = slapi_dn_parent ( basedn );
slapi_ch_free ( (void **) &basedn);
basedn = tmp;
@@ -679,11 +685,12 @@ acllist_init_scan (Slapi_PBlock *pb, int scope, char *base)
* the given operation.
*/
+/* edn is normalized & case-ignored */
void
acllist_aciscan_update_scan ( Acl_PBlock *aclpb, char *edn )
{
- int i, index = 0;
+ int index = 0;
char *basedn = NULL;
AciContainer *root;
int is_not_search_base = 1;
@@ -700,15 +707,13 @@ acllist_aciscan_update_scan ( Acl_PBlock *aclpb, char *edn )
* This stuff is only used if it's a search operation.
*/
if ( aclpb->aclpb_search_base ) {
- while ( aclpb->aclpb_base_handles_index[index] != -1 &&
- index < ACLPB_MAX_SELECTED_ACLS -2 ) {
- aclpb->aclpb_handles_index[index] =
- aclpb->aclpb_base_handles_index[index];
- index++;
- }
if ( strcasecmp ( edn, aclpb->aclpb_search_base) == 0) {
is_not_search_base = 0;
}
+ for (index = 0; (aclpb->aclpb_base_handles_index[index] != -1) &&
+ (index < ACLPB_MAX_SELECTED_ACLS - 2); index++) ;
+ memcpy(aclpb->aclpb_handles_index, aclpb->aclpb_base_handles_index,
+ sizeof(int) * index);
}
aclpb->aclpb_handles_index[index] = -1;
@@ -760,11 +765,6 @@ acllist_aciscan_update_scan ( Acl_PBlock *aclpb, char *edn )
}
acllist_done_aciContainer ( aclpb->aclpb_aclContainer );
- i = 0;
- while ( i < ACLPB_MAX_SELECTED_ACLS && aclpb->aclpb_handles_index[i] != -1 ) {
- i++;
- }
-
}
aci_t *
@@ -889,6 +889,7 @@ acllist_acicache_WRITE_LOCK( )
}
/* This routine must be called with the acicache write lock taken */
+/* newdn is normalized & case-ignored */
int
acllist_moddn_aci_needsLock ( Slapi_DN *oldsdn, char *newdn )
{
diff --git a/ldap/servers/plugins/acl/aclparse.c b/ldap/servers/plugins/acl/aclparse.c
index a137db9..a0e950f 100644
--- a/ldap/servers/plugins/acl/aclparse.c
+++ b/ldap/servers/plugins/acl/aclparse.c
@@ -533,8 +533,7 @@ __aclp__copy_normalized_str (char *src, char *endsrc, char *start,
{
char *p = NULL;
int rc = -1;
- char *dn = NULL;
- size_t dnlen = 0;
+ const char *dn = NULL;
p = PL_strnstr(src, LDAP_URL_prefix, endsrc - src);
if (p) {
@@ -553,6 +552,8 @@ __aclp__copy_normalized_str (char *src, char *endsrc, char *start,
rc = 0;
if (p && strlen(p) > 0) {
size_t len = 0;
+ Slapi_DN sdn = {0};
+ char bak;
/* strip the string starting from ? */
char *q = PL_strnchr(p, '?', endsrc - p);
if (q) {
@@ -560,18 +561,17 @@ __aclp__copy_normalized_str (char *src, char *endsrc, char *start,
} else {
len = endsrc - p;
}
+ bak = *(p + len);
+ *(p + len) = '\0';
/* Normalize the value of userdn and append it to ret_str */
- rc = slapi_dn_normalize_ext(p, len, &dn, &dnlen);
- if (rc < 0) {
- return rc;
- }
+ slapi_sdn_init_dn_byref(&sdn, p);
+ dn = slapi_sdn_get_dn(&sdn);
/* append up to ldap(s):/// */
aclutil_str_append_ext(dest, destlen, start, p - start);
/* append the DN part */
- aclutil_str_append_ext(dest, destlen, dn, dnlen);
- if (rc > 0) { /* if rc == 0, p is passed in */
- slapi_ch_free_string(&dn);
- }
+ aclutil_str_append_ext(dest, destlen, dn, strlen(dn));
+ slapi_sdn_done(&sdn);
+ *(p + len) = bak;
if (q) {
/* append the rest from '?' */
aclutil_str_append_ext(dest, destlen, q, endsrc - q);
diff --git a/ldap/servers/plugins/acl/aclplugin.c b/ldap/servers/plugins/acl/aclplugin.c
index 66ef707..ecd1e11 100644
--- a/ldap/servers/plugins/acl/aclplugin.c
+++ b/ldap/servers/plugins/acl/aclplugin.c
@@ -135,7 +135,8 @@ static int
aclplugin_preop_search ( Slapi_PBlock *pb )
{
int scope;
- char *base = NULL;
+ const char *base = NULL;
+ Slapi_DN *sdn = NULL;
int optype;
int isRoot;
int rc = 0;
@@ -151,7 +152,8 @@ aclplugin_preop_search ( Slapi_PBlock *pb )
return rc;
}
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &sdn );
+ base = slapi_sdn_get_dn(sdn);
/* For anonymous client doing search nothing needs to be set up */
if ( optype == SLAPI_OPERATION_SEARCH && aclanom_is_client_anonymous ( pb ) &&
! slapi_dn_issuffix( base, "cn=monitor") ) {
@@ -244,7 +246,7 @@ aclplugin_preop_common( Slapi_PBlock *pb )
slapi_log_error( SLAPI_LOG_ACL, plugin_name,
"proxied authorization dn is (%s)\n", proxy_dn );
acl_init_aclpb ( pb, aclpb, proxy_dn, 1 );
- aclpb = acl_new_proxy_aclpb (pb );
+ aclpb = acl_new_proxy_aclpb ( pb );
acl_init_aclpb ( pb, aclpb, dn, 0 );
slapi_ch_free ( (void **) &proxy_dn );
diff --git a/ldap/servers/plugins/automember/automember.c b/ldap/servers/plugins/automember/automember.c
index 2e1d496..125f4be 100644
--- a/ldap/servers/plugins/automember/automember.c
+++ b/ldap/servers/plugins/automember/automember.c
@@ -92,10 +92,10 @@ static void automember_free_config_entry(struct configEntry ** entry);
/*
* helpers
*/
-static char *automember_get_dn(Slapi_PBlock * pb);
+static Slapi_DN *automember_get_sdn(Slapi_PBlock *pb);
static Slapi_DN *automember_get_config_area();
static void automember_set_config_area(Slapi_DN *sdn);
-static int automember_dn_is_config(char *dn);
+static int automember_dn_is_config(Slapi_DN *sdn);
static int automember_oktodo(Slapi_PBlock *pb);
static int automember_isrepl(Slapi_PBlock *pb);
static void automember_parse_regex_entry(struct configEntry *config, Slapi_Entry *e);
@@ -275,7 +275,7 @@ automember_postop_init(Slapi_PBlock *pb)
static int
automember_start(Slapi_PBlock * pb)
{
- char *plugindn = NULL;
+ Slapi_DN *plugindn = NULL;
char *config_area = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
@@ -298,14 +298,14 @@ automember_start(Slapi_PBlock * pb)
/*
* Get the plug-in target dn from the system
* and store it for future use. */
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &plugindn);
- if (NULL == plugindn || 0 == strlen(plugindn)) {
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &plugindn);
+ if (NULL == plugindn || 0 == strlen(slapi_sdn_get_dn(plugindn))) {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"automember_start: unable to retrieve plugin dn\n");
return -1;
}
- automember_set_plugin_sdn(slapi_sdn_new_dn_byref(plugindn));
+ automember_set_plugin_sdn(slapi_sdn_dup(plugindn));
/* Set the alternate config area if one is defined. */
slapi_pblock_get(pb, SLAPI_PLUGIN_CONFIG_AREA, &config_area);
@@ -804,28 +804,19 @@ automember_delete_config()
return;
}
-
-/*
- * Helper functions
- */
-static char *
-automember_get_dn(Slapi_PBlock * pb)
+static Slapi_DN *
+automember_get_sdn(Slapi_PBlock * pb)
{
- char *dn = 0;
+ Slapi_DN *sdn = 0;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
- "--> automember_get_dn\n");
+ "--> automember_get_sdn\n");
- if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn)) {
- slapi_log_error(SLAPI_LOG_FATAL, AUTOMEMBER_PLUGIN_SUBSYSTEM,
- "automember_get_dn: failed to get dn of changed entry");
- goto bail;
- }
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
- bail:
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
- "<-- automember_get_dn\n");
+ "<-- automember_get_sdn\n");
- return dn;
+ return sdn;
}
void
@@ -846,20 +837,17 @@ automember_get_config_area()
* Checks if dn is an auto membership config entry.
*/
static int
-automember_dn_is_config(char *dn)
+automember_dn_is_config(Slapi_DN *sdn)
{
int ret = 0;
- Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"--> automember_dn_is_config\n");
- if (dn == NULL) {
+ if (sdn == NULL) {
goto bail;
}
- sdn = slapi_sdn_new_dn_byref(dn);
-
/* If an alternate config area is configured, treat it's child
* entries as config entries. If the alternate config area is
* not configured, treat children of the top-level plug-in
@@ -877,7 +865,6 @@ automember_dn_is_config(char *dn)
}
bail:
- slapi_sdn_free(&sdn);
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"<-- automember_dn_is_config\n");
@@ -1579,7 +1566,7 @@ automember_add_member_value(Slapi_Entry *member_e, const char *group_dn,
static int
automember_pre_op(Slapi_PBlock * pb, int modop)
{
- char *dn = 0;
+ Slapi_DN *sdn = 0;
Slapi_Entry *e = 0;
Slapi_Mods *smods = 0;
LDAPMod **mods;
@@ -1594,10 +1581,10 @@ automember_pre_op(Slapi_PBlock * pb, int modop)
if (!g_plugin_started)
goto bail;
- if (0 == (dn = automember_get_dn(pb)))
+ if (0 == (sdn = automember_get_sdn(pb)))
goto bail;
- if (automember_dn_is_config(dn)) {
+ if (automember_dn_is_config(sdn)) {
/* Validate config changes, but don't apply them.
* This allows us to reject invalid config changes
* here at the pre-op stage. Applying the config
@@ -1609,10 +1596,8 @@ automember_pre_op(Slapi_PBlock * pb, int modop)
} else if (LDAP_CHANGETYPE_MODIFY == modop) {
/* Fetch the entry being modified so we can
* create the resulting entry for validation. */
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
- if (tmp_dn) {
- slapi_search_internal_get_entry(tmp_dn, 0, &e, automember_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
+ if (sdn) {
+ slapi_search_internal_get_entry(sdn, 0, &e, automember_get_plugin_id());
free_entry = 1;
}
@@ -1692,7 +1677,7 @@ automember_mod_pre_op(Slapi_PBlock * pb)
static int
automember_mod_post_op(Slapi_PBlock *pb)
{
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"--> automember_mod_post_op\n");
@@ -1702,9 +1687,9 @@ automember_mod_post_op(Slapi_PBlock *pb)
goto bail;
}
- if (automember_oktodo(pb) && (dn = automember_get_dn(pb))) {
+ if (automember_oktodo(pb) && (sdn = automember_get_sdn(pb))) {
/* Check if the config is being modified and reload if so. */
- if (automember_dn_is_config(dn)) {
+ if (automember_dn_is_config(sdn)) {
automember_load_config();
}
}
@@ -1720,7 +1705,7 @@ static int
automember_add_post_op(Slapi_PBlock *pb)
{
Slapi_Entry *e = NULL;
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
struct configEntry *config = NULL;
PRCList *list = NULL;
@@ -1732,14 +1717,15 @@ automember_add_post_op(Slapi_PBlock *pb)
return 0;
/* Reload config if a config entry was added. */
- if ((dn = automember_get_dn(pb))) {
- if (automember_dn_is_config(dn)) {
+ if ((sdn = automember_get_sdn(pb))) {
+ if (automember_dn_is_config(sdn)) {
automember_load_config();
}
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"automember_add_post_op: Error "
"retrieving dn\n");
+ goto bail;
}
/* If replication, just bail. */
@@ -1777,7 +1763,7 @@ automember_add_post_op(Slapi_PBlock *pb)
config = (struct configEntry *)list;
/* Does the entry meet scope and filter requirements? */
- if (slapi_dn_issuffix(dn, config->scope) &&
+ if (slapi_dn_issuffix(slapi_sdn_get_dn(sdn), config->scope) &&
(slapi_filter_test_simple(e, config->filter) == 0)) {
/* Find out what membership changes are needed and make them. */
automember_update_membership(config, e);
@@ -1791,9 +1777,9 @@ automember_add_post_op(Slapi_PBlock *pb)
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"automember_add_post_op: Error "
- "retrieving post-op entry %s\n", dn);
+ "retrieving post-op entry %s\n", slapi_sdn_get_dn(sdn));
}
-
+bail:
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"<-- automember_add_post_op\n");
@@ -1808,7 +1794,7 @@ automember_add_post_op(Slapi_PBlock *pb)
static int
automember_del_post_op(Slapi_PBlock *pb)
{
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"--> automember_del_post_op\n");
@@ -1819,8 +1805,8 @@ automember_del_post_op(Slapi_PBlock *pb)
}
/* Reload config if a config entry was deleted. */
- if ((dn = automember_get_dn(pb))) {
- if (automember_dn_is_config(dn))
+ if ((sdn = automember_get_sdn(pb))) {
+ if (automember_dn_is_config(sdn))
automember_load_config();
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
@@ -1843,8 +1829,8 @@ automember_del_post_op(Slapi_PBlock *pb)
static int
automember_modrdn_post_op(Slapi_PBlock *pb)
{
- char *old_dn = NULL;
- char *new_dn = NULL;
+ Slapi_DN *old_sdn = NULL;
+ Slapi_DN *new_sdn = NULL;
Slapi_Entry *post_e = NULL;
slapi_log_error(SLAPI_LOG_TRACE, AUTOMEMBER_PLUGIN_SUBSYSTEM,
@@ -1859,7 +1845,7 @@ automember_modrdn_post_op(Slapi_PBlock *pb)
* config entries. */
slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &post_e);
if (post_e) {
- new_dn = slapi_entry_get_ndn(post_e);
+ new_sdn = slapi_entry_get_sdn(post_e);
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
"automember_modrdn_post_op: Error "
@@ -1867,8 +1853,8 @@ automember_modrdn_post_op(Slapi_PBlock *pb)
return 0;
}
- if ((old_dn = automember_get_dn(pb))) {
- if (automember_dn_is_config(old_dn) || automember_dn_is_config(new_dn))
+ if ((old_sdn = automember_get_sdn(pb))) {
+ if (automember_dn_is_config(old_sdn) || automember_dn_is_config(new_sdn))
automember_load_config();
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
diff --git a/ldap/servers/plugins/chainingdb/cb_add.c b/ldap/servers/plugins/chainingdb/cb_add.c
index 501865a..116ac92 100644
--- a/ldap/servers/plugins/chainingdb/cb_add.c
+++ b/ldap/servers/plugins/chainingdb/cb_add.c
@@ -65,41 +65,44 @@ chaining_back_add ( Slapi_PBlock *pb )
char **referrals=NULL;
LDAPMod ** mods;
LDAPMessage * res;
- char *dn,* matched_msg, *error_msg;
+ char * matched_msg, *error_msg;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
char *cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn *cnx;
if ( (rc=cb_forward_operation(pb)) != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, "Remote data access disabled", 0, NULL );
+ cb_send_ldap_result( pb, rc, NULL, "Remote data access disabled", 0, NULL );
return -1;
}
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
/* Update monitor info */
cb_update_monitor_info(pb,cb,SLAPI_OPERATION_ADD);
/* Check wether the chaining BE is available or not */
- if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
+ if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
return -1;
- }
+ }
+ slapi_pblock_get( pb, SLAPI_ADD_TARGET_SDN, &sdn );
+ slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &e );
- slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn );
- slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &e );
+ dn = slapi_sdn_get_dn(sdn);
/* Check local access controls */
if (cb->local_acl && !cb->associated_be_is_disabled) {
char * errbuf=NULL;
- rc = cb_access_allowed (pb, e, NULL, NULL, SLAPI_ACL_ADD, &errbuf);
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
- slapi_ch_free((void **)&errbuf);
+ rc = cb_access_allowed (pb, e, NULL, NULL, SLAPI_ACL_ADD, &errbuf);
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ slapi_ch_free((void **)&errbuf);
return -1;
}
- }
+ }
/* Build LDAPMod from the SLapi_Entry */
cb_eliminate_illegal_attributes(cb,e);
diff --git a/ldap/servers/plugins/chainingdb/cb_bind.c b/ldap/servers/plugins/chainingdb/cb_bind.c
index 0d46b7a..edc45f3 100644
--- a/ldap/servers/plugins/chainingdb/cb_bind.c
+++ b/ldap/servers/plugins/chainingdb/cb_bind.c
@@ -47,10 +47,11 @@ cb_free_bervals( struct berval **bvs );
static int
-cb_sasl_bind_once_s( cb_conn_pool *pool, char *dn, int method, char * mechanism,
- struct berval *creds, LDAPControl **reqctrls,
- char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
- LDAPControl ***resctrlsp , int * status);
+cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, int method,
+ char * mechanism, struct berval *creds,
+ LDAPControl **reqctrls, char **matcheddnp,
+ char **errmsgp, struct berval ***refurlsp,
+ LDAPControl ***resctrlsp , int * status);
/*
* Attempt to chain a bind request off to "srvr." We return an LDAP error
@@ -67,17 +68,18 @@ cb_sasl_bind_once_s( cb_conn_pool *pool, char *dn, int method, char * mechanism,
static int
cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries,
- char *dn, int method,char * mechanism, struct berval *creds, LDAPControl **reqctrls,
- char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
- LDAPControl ***resctrlsp ,int *status) {
-
+ const char *dn, int method,char * mechanism,
+ struct berval *creds, LDAPControl **reqctrls,
+ char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
+ LDAPControl ***resctrlsp ,int *status)
+{
int rc;
do {
/* check to see if operation has been abandoned...*/
- if (LDAP_AUTH_SIMPLE!=method)
- return LDAP_AUTH_METHOD_NOT_SUPPORTED;
+ if (LDAP_AUTH_SIMPLE!=method)
+ return LDAP_AUTH_METHOD_NOT_SUPPORTED;
if ( slapi_op_abandoned( pb )) {
rc = LDAP_USER_CANCELLED;
@@ -91,10 +93,11 @@ cb_sasl_bind_s(Slapi_PBlock * pb, cb_conn_pool *pool, int tries,
}
static int
-cb_sasl_bind_once_s( cb_conn_pool *pool, char *dn, int method, char * mechanism,
- struct berval *creds, LDAPControl **reqctrls,
- char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
- LDAPControl ***resctrlsp , int * status )
+cb_sasl_bind_once_s( cb_conn_pool *pool, const char *dn, int method,
+ char * mechanism, struct berval *creds,
+ LDAPControl **reqctrls, char **matcheddnp,
+ char **errmsgp, struct berval ***refurlsp,
+ LDAPControl ***resctrlsp , int * status )
{
int rc, msgid;
char **referrals;
@@ -225,18 +228,20 @@ release_and_return:
}
int
-chainingdb_bind( Slapi_PBlock *pb ) {
+chainingdb_bind( Slapi_PBlock *pb )
+{
int status=LDAP_SUCCESS;
int allocated_errmsg;
int rc=LDAP_SUCCESS;
cb_backend_instance *cb;
Slapi_Backend *be;
- char *dn;
- int method;
- struct berval *creds, **urls;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ int method;
+ struct berval *creds, **urls;
char *matcheddn,*errmsg;
- LDAPControl **reqctrls, **resctrls, **ctrls;
+ LDAPControl **reqctrls, **resctrls, **ctrls;
char * mechanism;
int freectrls=1;
int bind_retry;
@@ -258,16 +263,18 @@ chainingdb_bind( Slapi_PBlock *pb ) {
if (ctrls)
ldap_controls_free(ctrls);
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &dn );
- slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &sdn );
+ slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method );
slapi_pblock_get( pb, SLAPI_BIND_SASLMECHANISM, &mechanism);
- slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds );
- slapi_pblock_get( pb, SLAPI_REQCONTROLS, &reqctrls );
- cb = cb_get_instance(be);
+ slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds );
+ slapi_pblock_get( pb, SLAPI_REQCONTROLS, &reqctrls );
+ cb = cb_get_instance(be);
- if ( NULL == dn )
- dn="";
+ if ( NULL == sdn ) {
+ sdn = slapi_sdn_new_ndn_byval("");
+ }
+ dn = slapi_sdn_get_ndn(sdn);
/* always allow noauth simple binds */
if (( method == LDAP_AUTH_SIMPLE) && creds->bv_len == 0 ) {
diff --git a/ldap/servers/plugins/chainingdb/cb_compare.c b/ldap/servers/plugins/chainingdb/cb_compare.c
index ccbc175..512ce75 100644
--- a/ldap/servers/plugins/chainingdb/cb_compare.c
+++ b/ldap/servers/plugins/chainingdb/cb_compare.c
@@ -63,29 +63,33 @@ chaining_back_compare ( Slapi_PBlock *pb )
LDAP *ld=NULL;
char **referrals=NULL;
LDAPMessage * res;
- char *type,*dn,* matched_msg, *error_msg;
+ char *type, *matched_msg, *error_msg;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
char *cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn *cnx;
- if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
- cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
- return -1;
- }
+ if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
+ cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
- cb_update_monitor_info(pb,cb,SLAPI_OPERATION_COMPARE);
+ cb_update_monitor_info(pb,cb,SLAPI_OPERATION_COMPARE);
/* Check wether the chaining BE is available or not */
- if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
- return -1;
- }
+ if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
+ return -1;
+ }
+
+ slapi_pblock_get( pb, SLAPI_COMPARE_TARGET_SDN, &sdn );
+ slapi_pblock_get( pb, SLAPI_COMPARE_TYPE, &type );
+ slapi_pblock_get( pb, SLAPI_COMPARE_VALUE, &bval );
- slapi_pblock_get( pb, SLAPI_COMPARE_TARGET, &dn );
- slapi_pblock_get( pb, SLAPI_COMPARE_TYPE, &type );
- slapi_pblock_get( pb, SLAPI_COMPARE_VALUE, &bval );
+ dn = slapi_sdn_get_dn(sdn);
/*
* Check local acls
@@ -96,17 +100,17 @@ chaining_back_compare ( Slapi_PBlock *pb )
if (checkacl) {
char * errbuf=NULL;
- Slapi_Entry *te = slapi_entry_alloc();
- slapi_entry_set_dn(te,slapi_ch_strdup(dn));
- rc = cb_access_allowed (pb, te, type, bval, SLAPI_ACL_COMPARE,&errbuf);
- slapi_entry_free(te);
+ Slapi_Entry *te = slapi_entry_alloc();
+ slapi_entry_set_dn(te, slapi_ch_strdup(dn)); /* dn: passin */
+ rc = cb_access_allowed (pb, te, type, bval, SLAPI_ACL_COMPARE,&errbuf);
+ slapi_entry_free(te);
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
slapi_ch_free((void **) &errbuf);
return 1;
}
- }
+ }
/*
* Grab a connection handle
diff --git a/ldap/servers/plugins/chainingdb/cb_controls.c b/ldap/servers/plugins/chainingdb/cb_controls.c
index da2d283..f079901 100644
--- a/ldap/servers/plugins/chainingdb/cb_controls.c
+++ b/ldap/servers/plugins/chainingdb/cb_controls.c
@@ -201,9 +201,9 @@ int cb_update_controls( Slapi_PBlock * pb,
char * requestorCopy=NULL;
rootdn=cb_get_rootdn();
- slapi_pblock_get( pb, SLAPI_REQUESTOR_DN, &requestor );
- requestorCopy=slapi_ch_strdup(requestor);
- slapi_dn_normalize_case(requestorCopy);
+ slapi_pblock_get( pb, SLAPI_REQUESTOR_NDN, &requestor );
+ requestorCopy = slapi_ch_strdup(requestor);
+ slapi_dn_ignore_case(requestorCopy);
if (!strcmp( requestorCopy, rootdn )) { /* UTF8- aware */
slapi_log_error( SLAPI_LOG_PLUGIN,CB_PLUGIN_SUBSYSTEM,
diff --git a/ldap/servers/plugins/chainingdb/cb_delete.c b/ldap/servers/plugins/chainingdb/cb_delete.c
index 992f606..72b5e25 100644
--- a/ldap/servers/plugins/chainingdb/cb_delete.c
+++ b/ldap/servers/plugins/chainingdb/cb_delete.c
@@ -62,27 +62,30 @@ chaining_back_delete ( Slapi_PBlock *pb )
LDAP *ld=NULL;
char **referrals=NULL;
LDAPMessage * res;
- char *dn,* matched_msg, *error_msg;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ char *matched_msg, *error_msg;
char *cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn *cnx;
- if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
- cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
- return -1;
- }
+ if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
+ cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
- cb_update_monitor_info(pb,cb,SLAPI_OPERATION_DELETE);
+ cb_update_monitor_info(pb,cb,SLAPI_OPERATION_DELETE);
/* Check wether the chaining BE is available or not */
- if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
- return -1;
- }
+ if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_DELETE_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
/*
* Check local acls
@@ -90,17 +93,17 @@ chaining_back_delete ( Slapi_PBlock *pb )
if (cb->local_acl && !cb->associated_be_is_disabled) {
char * errbuf=NULL;
- Slapi_Entry *te = slapi_entry_alloc();
- slapi_entry_set_dn(te,slapi_ch_strdup(dn));
- rc = cb_access_allowed (pb, te, NULL, NULL, SLAPI_ACL_DELETE,&errbuf);
- slapi_entry_free(te);
+ Slapi_Entry *te = slapi_entry_alloc();
+ slapi_entry_set_dn(te, slapi_ch_strdup(dn)); /* dn: passin */
+ rc = cb_access_allowed (pb, te, NULL, NULL, SLAPI_ACL_DELETE,&errbuf);
+ slapi_entry_free(te);
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
- slapi_ch_free((void **)&errbuf);
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ slapi_ch_free((void **)&errbuf);
return -1;
}
- }
+ }
/*
* Grab a connection handle
diff --git a/ldap/servers/plugins/chainingdb/cb_instance.c b/ldap/servers/plugins/chainingdb/cb_instance.c
index 145d5a3..9a33916 100644
--- a/ldap/servers/plugins/chainingdb/cb_instance.c
+++ b/ldap/servers/plugins/chainingdb/cb_instance.c
@@ -850,9 +850,9 @@ static int cb_instance_binduser_set(void *arg, void *value, char *errorbuf, int
if (apply) {
- slapi_rwlock_wrlock(inst->rwl_config_lock);
+ slapi_rwlock_wrlock(inst->rwl_config_lock);
if (( phase != CB_CONFIG_PHASE_INITIALIZATION ) &&
- ( phase != CB_CONFIG_PHASE_STARTUP )) {
+ ( phase != CB_CONFIG_PHASE_STARTUP )) {
/* Dynamic modif */
/* Free user later */
@@ -862,10 +862,11 @@ static int cb_instance_binduser_set(void *arg, void *value, char *errorbuf, int
rc=CB_REOPEN_CONN;
}
- inst->pool->binddn=slapi_ch_strdup((char *) value);
+ /* normalize and ignore the case */
+ inst->pool->binddn = slapi_create_dn_string_case("%s", (char *)value);
+ /* not normalized */
inst->pool->binddn2=slapi_ch_strdup((char *) value);
- slapi_dn_normalize_case(inst->pool->binddn);
- slapi_rwlock_unlock(inst->rwl_config_lock);
+ slapi_rwlock_unlock(inst->rwl_config_lock);
} else {
/* Security check */
@@ -877,19 +878,18 @@ static int cb_instance_binduser_set(void *arg, void *value, char *errorbuf, int
char * theValueCopy = NULL;
if (value) {
- theValueCopy=slapi_ch_strdup((char *) value);
- slapi_dn_normalize_case(theValueCopy);
+ theValueCopy = slapi_create_dn_string_case("%s", (char *) value);
}
slapi_rwlock_rdlock(inst->rwl_config_lock);
- if (inst->impersonate && theValueCopy &&
- !strcmp(theValueCopy,rootdn)) { /* UTF8-aware. See cb_get_dn() */
- rc=LDAP_UNWILLING_TO_PERFORM;
+ if (inst->impersonate && theValueCopy &&
+ !strcmp(theValueCopy,rootdn)) { /* UTF8-aware. See cb_get_dn() */
+ rc=LDAP_UNWILLING_TO_PERFORM;
if (errorbuf) {
PR_snprintf(errorbuf,SLAPI_DSE_RETURNTEXT_SIZE, "value %s not allowed",rootdn);
}
- }
- slapi_rwlock_unlock(inst->rwl_config_lock);
+ }
+ slapi_rwlock_unlock(inst->rwl_config_lock);
slapi_ch_free((void **)&theValueCopy);
slapi_ch_free((void **)&rootdn);
diff --git a/ldap/servers/plugins/chainingdb/cb_modify.c b/ldap/servers/plugins/chainingdb/cb_modify.c
index fcfb310..e660e5c 100644
--- a/ldap/servers/plugins/chainingdb/cb_modify.c
+++ b/ldap/servers/plugins/chainingdb/cb_modify.c
@@ -65,51 +65,54 @@ chaining_back_modify ( Slapi_PBlock *pb )
char **referrals=NULL;
LDAPMod ** mods;
LDAPMessage * res;
- char *dn,* matched_msg, *error_msg;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ char *matched_msg, *error_msg;
char *cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn *cnx;
- if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
- cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
- return -1;
- }
+ if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
+ cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
- cb_update_monitor_info(pb,cb,SLAPI_OPERATION_MODIFY);
+ cb_update_monitor_info(pb,cb,SLAPI_OPERATION_MODIFY);
/* Check wether the chaining BE is available or not */
- if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
- return -1;
- }
+ if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
+ return -1;
+ }
- slapi_pblock_get( pb, SLAPI_MODIFY_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_MODIFY_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
if (cb_debug_on()) {
- slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM,"modify: target:<%s>\n",dn);
+ slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM,"modify: target:<%s>\n",dn);
}
ctrls=serverctrls=NULL;
- slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods );
- slapi_pblock_get( pb, SLAPI_REQCONTROLS, &ctrls );
+ slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods );
+ slapi_pblock_get( pb, SLAPI_REQCONTROLS, &ctrls );
/* Check acls */
if ( cb->local_acl && !cb->associated_be_is_disabled ) {
- char * errbuf=NULL;
- Slapi_Entry *te = slapi_entry_alloc();
- slapi_entry_set_dn(te,slapi_ch_strdup(dn));
- rc = slapi_acl_check_mods( pb, te, mods, &errbuf);
- slapi_entry_free(te);
-
- if ( rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
- slapi_ch_free((void **)&errbuf);
- return -1;
- }
+ char * errbuf=NULL;
+ Slapi_Entry *te = slapi_entry_alloc();
+ slapi_entry_set_dn(te, slapi_ch_strdup(dn)); /* dn: passin */
+ rc = slapi_acl_check_mods( pb, te, mods, &errbuf);
+ slapi_entry_free(te);
+
+ if ( rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, rc, NULL, errbuf, 0, NULL );
+ slapi_ch_free((void **)&errbuf);
+ return -1;
+ }
}
diff --git a/ldap/servers/plugins/chainingdb/cb_modrdn.c b/ldap/servers/plugins/chainingdb/cb_modrdn.c
index 2efff02..ccf5d94 100644
--- a/ldap/servers/plugins/chainingdb/cb_modrdn.c
+++ b/ldap/servers/plugins/chainingdb/cb_modrdn.c
@@ -60,13 +60,16 @@ chaining_back_modrdn ( Slapi_PBlock *pb )
LDAPControl **ctrls, **serverctrls;
int rc,parse_rc,msgid,i;
LDAP *ld=NULL;
- char **referrals=NULL;
+ char **referrals=NULL;
LDAPMessage * res;
- char * matched_msg, *error_msg,* pdn, *newdn, *dn;
+ char * matched_msg, *error_msg,* pdn, *newdn;
+ char *dn = NULL;
+ Slapi_DN *sdn = NULL;
int deleteoldrdn=0;
- char * newsuperior, *newrdn;
+ Slapi_DN *newsuperior;
+ char *newrdn;
char * cnxerrbuf=NULL;
- time_t endtime;
+ time_t endtime;
cb_outgoing_conn * cnx;
if ( LDAP_SUCCESS != (rc=cb_forward_operation(pb) )) {
@@ -75,26 +78,29 @@ chaining_back_modrdn ( Slapi_PBlock *pb )
}
slapi_pblock_get( pb, SLAPI_BACKEND, &be );
- cb = cb_get_instance(be);
+ cb = cb_get_instance(be);
cb_update_monitor_info(pb,cb,SLAPI_OPERATION_MODRDN);
- /* Check wether the chaining BE is available or not */
+ /* Check wether the chaining BE is available or not */
if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
return -1;
}
- newsuperior=newdn=newrdn=dn=NULL;
- slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &dn );
+ newsuperior = NULL;
+ newdn = newrdn = dn = NULL;
+ slapi_pblock_get( pb, SLAPI_MODRDN_TARGET_SDN, &sdn );
slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
- slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior );
+ slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior );
slapi_pblock_get( pb, SLAPI_MODRDN_DELOLDRDN, &deleteoldrdn );
- /*
- * Construct the new dn
- */
+ dn = (char *)slapi_sdn_get_dn(sdn);
- dn = slapi_dn_normalize_case(dn);
+ /*
+ * Construct the new dn
+ */
+ /* dn is normalized; just ignore the case */
+ dn = slapi_dn_ignore_case(dn);
if ( (pdn = slapi_dn_parent( dn )) != NULL ) {
/* parent + rdn + separator(s) + null */
newdn = (char *) slapi_ch_malloc( strlen( pdn ) + strlen( newrdn ) + 3 );
@@ -102,7 +108,7 @@ chaining_back_modrdn ( Slapi_PBlock *pb )
strcat( newdn, "," );
strcat( newdn, pdn );
- slapi_ch_free((void **)&pdn );
+ slapi_ch_free((void **)&pdn );
} else {
newdn = slapi_ch_strdup( newrdn );
@@ -125,7 +131,7 @@ chaining_back_modrdn ( Slapi_PBlock *pb )
char * errbuf=NULL;
Slapi_Entry *te = slapi_entry_alloc();
- slapi_entry_set_dn(te,slapi_ch_strdup(dn));
+ slapi_entry_set_dn(te,slapi_ch_strdup(dn)); /* dn: passin */
rc = cb_access_allowed (pb, te, NULL, NULL, SLAPI_ACL_WRITE,&errbuf);
slapi_entry_free(te);
@@ -183,7 +189,8 @@ chaining_back_modrdn ( Slapi_PBlock *pb )
* Send LDAP operation to the remote host
*/
- rc = ldap_rename ( ld,dn,newrdn,newsuperior,deleteoldrdn,ctrls,NULL,&msgid);
+ rc = ldap_rename ( ld, dn, newrdn, slapi_sdn_get_dn(newsuperior),
+ deleteoldrdn, ctrls, NULL, &msgid );
if ( NULL != ctrls)
ldap_controls_free(ctrls);
diff --git a/ldap/servers/plugins/chainingdb/cb_search.c b/ldap/servers/plugins/chainingdb/cb_search.c
index a16ed4c..763de4b 100644
--- a/ldap/servers/plugins/chainingdb/cb_search.c
+++ b/ldap/servers/plugins/chainingdb/cb_search.c
@@ -58,41 +58,45 @@ chainingdb_build_candidate_list ( Slapi_PBlock *pb )
Slapi_Backend * be;
Slapi_Operation * op;
- char *target, *filter;
+ char *filter;
+ const char *target = NULL;
+ Slapi_DN *target_sdn = NULL;
int scope,attrsonly,sizelimit,timelimit,rc,searchreferral;
char **attrs=NULL;
LDAPControl **controls=NULL;
LDAPControl **ctrls=NULL;
- LDAP *ld=NULL;
- cb_backend_instance *cb = NULL;
+ LDAP *ld=NULL;
+ cb_backend_instance *cb = NULL;
cb_searchContext *ctx=NULL;
struct timeval timeout;
time_t optime;
int doit,parse_rc;
- LDAPMessage *res=NULL;
- char *matched_msg,*error_msg;
- LDAPControl **serverctrls=NULL;
- char **referrals=NULL;
+ LDAPMessage *res=NULL;
+ char *matched_msg,*error_msg;
+ LDAPControl **serverctrls=NULL;
+ char **referrals=NULL;
char *cnxerrbuf=NULL;
time_t endbefore=0;
time_t endtime;
cb_outgoing_conn *cnx;
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
cb = cb_get_instance(be);
- slapi_pblock_get( pb, SLAPI_OPERATION, &op );
- slapi_pblock_get( pb, SLAPI_SEARCH_STRFILTER, &filter );
- slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope );
- slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime );
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &target );
+ slapi_pblock_get( pb, SLAPI_OPERATION, &op );
+ slapi_pblock_get( pb, SLAPI_SEARCH_STRFILTER, &filter );
+ slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope );
+ slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &target_sdn );
- if ( LDAP_SUCCESS != (parse_rc=cb_forward_operation(pb) )) {
+ target = slapi_sdn_get_dn(target_sdn);
+
+ if ( LDAP_SUCCESS != (parse_rc=cb_forward_operation(pb) )) {
/* Don't return errors */
if (cb_debug_on()) {
- slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM,
+ slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM,
"local search: base:<%s> scope:<%s> filter:<%s>\n",target,
scope==LDAP_SCOPE_SUBTREE?"SUBTREE":scope==LDAP_SCOPE_ONELEVEL ? "ONE-LEVEL" : "BASE" , filter);
}
@@ -135,28 +139,28 @@ chainingdb_build_candidate_list ( Slapi_PBlock *pb )
if (( scope != LDAP_SCOPE_BASE ) && ( searchreferral )) {
- int i;
- struct berval bv,*bvals[2];
- Slapi_Entry ** aciArray=(Slapi_Entry **) slapi_ch_malloc(2*sizeof(Slapi_Entry *));
- Slapi_Entry *anEntry = slapi_entry_alloc();
+ int i;
+ struct berval bv,*bvals[2];
+ Slapi_Entry ** aciArray=(Slapi_Entry **) slapi_ch_malloc(2*sizeof(Slapi_Entry *));
+ Slapi_Entry *anEntry = slapi_entry_alloc();
- slapi_entry_set_dn(anEntry,slapi_ch_strdup(target));
+ slapi_entry_set_dn(anEntry,slapi_ch_strdup(target));
- bvals[1]=NULL;
- bvals[0]=&bv;
- bv.bv_val="referral";
+ bvals[1]=NULL;
+ bvals[0]=&bv;
+ bv.bv_val="referral";
bv.bv_len=strlen(bv.bv_val);
- slapi_entry_add_values( anEntry, "objectclass", bvals);
+ slapi_entry_add_values( anEntry, "objectclass", bvals);
- slapi_rwlock_rdlock(cb->rwl_config_lock);
+ slapi_rwlock_rdlock(cb->rwl_config_lock);
for (i=0; cb->url_array && cb->url_array[i]; i++) {
char * anUrl = slapi_ch_smprintf("%s%s",cb->url_array[i],target);
- bv.bv_val=anUrl;
+ bv.bv_val=anUrl;
bv.bv_len=strlen(bv.bv_val);
- slapi_entry_attr_merge( anEntry, "ref", bvals);
+ slapi_entry_attr_merge( anEntry, "ref", bvals);
slapi_ch_free((void **)&anUrl);
}
- slapi_rwlock_unlock(cb->rwl_config_lock);
+ slapi_rwlock_unlock(cb->rwl_config_lock);
aciArray[0]=anEntry;
aciArray[1]=NULL;
@@ -442,12 +446,13 @@ int
chainingdb_next_search_entry ( Slapi_PBlock *pb )
{
- char *target;
+ const char *target = NULL;
+ Slapi_DN *target_sdn = NULL;
int sizelimit, timelimit;
int rc, parse_rc, retcode;
int i, attrsonly;
time_t optime;
- LDAPMessage *res=NULL;
+ LDAPMessage *res=NULL;
char *matched_msg,*error_msg;
cb_searchContext *ctx=NULL;
Slapi_Entry *entry;
@@ -459,13 +464,15 @@ chainingdb_next_search_entry ( Slapi_PBlock *pb )
matched_msg=error_msg=NULL;
- slapi_pblock_get( pb, SLAPI_SEARCH_RESULT_SET, &ctx );
- slapi_pblock_get( pb, SLAPI_BACKEND, &be );
- slapi_pblock_get( pb, SLAPI_SEARCH_TIMELIMIT, &timelimit );
- slapi_pblock_get( pb, SLAPI_SEARCH_SIZELIMIT, &sizelimit );
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &target );
- slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime );
- slapi_pblock_get( pb, SLAPI_SEARCH_ATTRSONLY, &attrsonly );
+ slapi_pblock_get( pb, SLAPI_SEARCH_RESULT_SET, &ctx );
+ slapi_pblock_get( pb, SLAPI_BACKEND, &be );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TIMELIMIT, &timelimit );
+ slapi_pblock_get( pb, SLAPI_SEARCH_SIZELIMIT, &sizelimit );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &target_sdn );
+ slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime );
+ slapi_pblock_get( pb, SLAPI_SEARCH_ATTRSONLY, &attrsonly );
+
+ target = slapi_sdn_get_dn(target_sdn);
cb = cb_get_instance(be);
@@ -656,22 +663,22 @@ chainingdb_next_search_entry ( Slapi_PBlock *pb )
case LDAP_RES_SEARCH_REFERENCE:
/* The server sent a search reference encountered during the
- * search operation.
+ * search operation.
*/
/* heart-beat management */
- if (cb->max_idle_time>0)
- endtime=current_time() + cb->max_idle_time;
+ if (cb->max_idle_time>0)
+ endtime=current_time() + cb->max_idle_time;
parse_rc = ldap_parse_reference( ctx->ld, res, &referrals, NULL, 1 );
- if ( parse_rc != LDAP_SUCCESS ) {
- cb_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL,
- ldap_err2string( parse_rc ), 0, NULL);
+ if ( parse_rc != LDAP_SUCCESS ) {
+ cb_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL,
+ ldap_err2string( parse_rc ), 0, NULL);
cb_release_op_connection(cb->pool,ctx->ld,CB_LDAP_CONN_ERROR(parse_rc));
slapi_ch_free((void **)&ctx);
- slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_SET,NULL);
- slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY,NULL);
+ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_SET,NULL);
+ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY,NULL);
return -1;
}
@@ -681,27 +688,27 @@ chainingdb_next_search_entry ( Slapi_PBlock *pb )
{
- struct berval bv;
+ struct berval bv;
int i;
- struct berval *bvals[2];
- Slapi_Entry *anEntry = slapi_entry_alloc();
- slapi_entry_set_dn(anEntry,slapi_ch_strdup(target));
+ struct berval *bvals[2];
+ Slapi_Entry *anEntry = slapi_entry_alloc();
+ slapi_entry_set_dn(anEntry,slapi_ch_strdup(target));
- bvals[1]=NULL;
- bvals[0]=&bv;
+ bvals[1]=NULL;
+ bvals[0]=&bv;
- bv.bv_val="referral";
- bv.bv_len=strlen(bv.bv_val);
- slapi_entry_add_values( anEntry, "objectclass", bvals);
+ bv.bv_val="referral";
+ bv.bv_len=strlen(bv.bv_val);
+ slapi_entry_add_values( anEntry, "objectclass", bvals);
for (i=0;referrals[i] != NULL; i++) {
- bv.bv_val=referrals[i];
+ bv.bv_val=referrals[i];
bv.bv_len=strlen(bv.bv_val);
- slapi_entry_add_values( anEntry, "ref", bvals);
+ slapi_entry_add_values( anEntry, "ref", bvals);
}
- slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_SET,ctx);
- slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY,anEntry);
+ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_SET,ctx);
+ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY,anEntry);
cb_set_acl_policy(pb);
}
diff --git a/ldap/servers/plugins/chainingdb/cb_utils.c b/ldap/servers/plugins/chainingdb/cb_utils.c
index 3b0123c..2492226 100644
--- a/ldap/servers/plugins/chainingdb/cb_utils.c
+++ b/ldap/servers/plugins/chainingdb/cb_utils.c
@@ -50,7 +50,7 @@ char * cb_get_rootdn() {
if (ret == NULL)
ret = slapi_ch_strdup(CB_DIRECTORY_MANAGER_DN);
if (ret)
- slapi_dn_normalize_case(ret); /* UTF8-aware */
+ slapi_dn_ignore_case(ret); /* UTF8-aware */
return ret;
}
diff --git a/ldap/servers/plugins/cos/cos_cache.c b/ldap/servers/plugins/cos/cos_cache.c
index bfb585e..85474f7 100644
--- a/ldap/servers/plugins/cos/cos_cache.c
+++ b/ldap/servers/plugins/cos/cos_cache.c
@@ -3356,7 +3356,8 @@ bail:
*/
void cos_cache_change_notify(Slapi_PBlock *pb)
{
- char *dn;
+ const char *dn;
+ Slapi_DN *sdn = NULL;
int do_update = 0;
struct slapi_entry *e;
Slapi_Backend *be=NULL;
@@ -3372,11 +3373,12 @@ void cos_cache_change_notify(Slapi_PBlock *pb)
goto bail;
/* need to work out if a cache rebuild is necessary */
- if(slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn ))
+ if(slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn ))
{
LDAPDebug( LDAP_DEBUG_ANY, "cos_cache_change_notify: failed to get dn of changed entry",0,0,0);
goto bail;
}
+ dn = slapi_sdn_get_dn(sdn);
slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &rc);
if (0 != rc) {
diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c
index 2f4dd02..177897a 100644
--- a/ldap/servers/plugins/dna/dna.c
+++ b/ldap/servers/plugins/dna/dna.c
@@ -172,7 +172,7 @@ static PRCList *dna_global_config = NULL;
static Slapi_RWLock *g_dna_cache_lock;
static void *_PluginID = NULL;
-static char *_PluginDN = NULL;
+static const char *_PluginDN = NULL;
static int g_plugin_started = 0;
@@ -227,6 +227,7 @@ static int dna_load_host_port();
*
*/
static char *dna_get_dn(Slapi_PBlock * pb);
+static Slapi_DN *dna_get_sdn(Slapi_PBlock * pb);
static int dna_dn_is_config(char *dn);
static int dna_get_next_value(struct configEntry * config_entry,
char **next_value_ret);
@@ -330,12 +331,12 @@ void *getPluginID()
return _PluginID;
}
-void setPluginDN(char *pluginDN)
+void setPluginDN(const char *pluginDN)
{
_PluginDN = pluginDN;
}
-char *getPluginDN()
+const char *getPluginDN()
{
return _PluginDN;
}
@@ -489,7 +490,8 @@ dna_exop_init(Slapi_PBlock * pb)
static int
dna_start(Slapi_PBlock * pb)
{
- char *plugindn = NULL;
+ Slapi_DN *pluginsdn = NULL;
+ const char *plugindn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
"--> dna_start\n");
@@ -513,12 +515,13 @@ dna_start(Slapi_PBlock * pb)
* and store it for future use. This should avoid
* hardcoding of DN's in the code.
*/
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &plugindn);
- if (NULL == plugindn || 0 == strlen(plugindn)) {
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &pluginsdn);
+ if (NULL == pluginsdn || 0 == strlen(slapi_sdn_get_dn(pluginsdn))) {
slapi_log_error(SLAPI_LOG_PLUGIN, DNA_PLUGIN_SUBSYSTEM,
"dna_start: had to use hard coded config dn\n");
plugindn = DNA_DN;
} else {
+ plugindn = slapi_sdn_get_dn(pluginsdn);
slapi_log_error(SLAPI_LOG_PLUGIN, DNA_PLUGIN_SUBSYSTEM,
"dna_start: config at %s\n", plugindn);
@@ -857,12 +860,17 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
Slapi_DN *sdn = NULL;
char *normdn = NULL;
- sdn = slapi_sdn_new_dn_byref(value);
+ sdn = slapi_sdn_new_dn_passin(value);
- if (sdn) {
- slapi_search_internal_get_entry(sdn, NULL, &shared_e, getPluginID());
- slapi_sdn_free(&sdn);
+ if (!sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ "dna_parse_config_entry: Unable to create "
+ "slapi_dn (%s)\n", value);
+ ret = DNA_FAILURE;
+ slapi_ch_free_string(&value);
+ goto bail;
}
+ slapi_search_internal_get_entry(sdn, NULL, &shared_e, getPluginID());
/* Make sure that the shared config entry exists. */
if (!shared_e) {
@@ -872,23 +880,23 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
"dna_parse_config_entry: Unable to locate "
"shared configuration entry (%s)\n", value);
ret = DNA_FAILURE;
- slapi_ch_free_string(&value);
+ slapi_sdn_free(&sdn);
goto bail;
} else {
slapi_entry_free(shared_e);
shared_e = NULL;
}
- normdn = slapi_create_dn_string("%s", value);
+ normdn = (char *)slapi_sdn_get_dn(sdn);
if (NULL == normdn) {
slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
"dna_parse_config_entry: failed to normalize dn: "
"%s\n", value);
ret = DNA_FAILURE;
- slapi_ch_free_string(&value);
+ slapi_sdn_free(&sdn);
goto bail;
}
- entry->shared_cfg_base = normdn;
+ entry->shared_cfg_base = slapi_ch_strdup(normdn);
/* We prepend the host & port of this instance as a
* multi-part RDN for the shared config entry. */
@@ -900,7 +908,7 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
"%s=%s+%s=%s,%s", DNA_HOSTNAME,
hostname, DNA_PORTNUM, portnum, value);
ret = DNA_FAILURE;
- slapi_ch_free_string(&value);
+ slapi_sdn_free(&sdn);
goto bail;
}
entry->shared_cfg_dn = normdn;
@@ -908,7 +916,7 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
"----------> %s [%s]\n", DNA_SHARED_CFG_DN,
entry->shared_cfg_base);
- slapi_ch_free_string(&value);
+ slapi_sdn_free(&sdn);
}
value = slapi_entry_attr_get_charptr(e, DNA_THRESHOLD);
@@ -1725,11 +1733,11 @@ bail:
static char *dna_get_dn(Slapi_PBlock * pb)
{
- char *dn = 0;
+ Slapi_DN *sdn = 0;
slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
"--> dna_get_dn\n");
- if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn)) {
+ if (slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn)) {
slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
"dna_get_dn: failed to get dn of changed entry");
goto bail;
@@ -1739,7 +1747,20 @@ static char *dna_get_dn(Slapi_PBlock * pb)
slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
"<-- dna_get_dn\n");
- return dn;
+ return (char *)slapi_sdn_get_dn(sdn);
+}
+
+static Slapi_DN *
+dna_get_sdn(Slapi_PBlock * pb)
+{
+ Slapi_DN *sdn = 0;
+ slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
+ "--> dna_get_sdn\n");
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ slapi_log_error(SLAPI_LOG_TRACE, DNA_PLUGIN_SUBSYSTEM,
+ "<-- dna_get_sdn\n");
+
+ return sdn;
}
/* config check
@@ -2785,10 +2806,9 @@ static int dna_pre_op(Slapi_PBlock * pb, int modtype)
*
slapi_pblock_get( pb, SLAPI_MODIFY_EXISTING_ENTRY, &e);
*/
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
+ Slapi_DN *tmp_dn = dna_get_sdn(pb);
if (tmp_dn) {
slapi_search_internal_get_entry(tmp_dn, 0, &e, getPluginID());
- slapi_sdn_free(&tmp_dn);
free_entry = 1;
}
diff --git a/ldap/servers/plugins/linkedattrs/linked_attrs.c b/ldap/servers/plugins/linkedattrs/linked_attrs.c
index 75df753..99c254e 100644
--- a/ldap/servers/plugins/linkedattrs/linked_attrs.c
+++ b/ldap/servers/plugins/linkedattrs/linked_attrs.c
@@ -94,6 +94,7 @@ static void linked_attrs_free_config_entry(struct configEntry ** entry);
* helpers
*/
static char *linked_attrs_get_dn(Slapi_PBlock * pb);
+static Slapi_DN *linked_attrs_get_sdn(Slapi_PBlock * pb);
static int linked_attrs_dn_is_config(char *dn);
static void linked_attrs_find_config(const char *dn, const char *type,
struct configEntry **config);
@@ -152,9 +153,9 @@ linked_attrs_get_plugin_id()
}
void
-linked_attrs_set_plugin_dn(char *pluginDN)
+linked_attrs_set_plugin_dn(const char *pluginDN)
{
- _PluginDN = pluginDN;
+ _PluginDN = (char *)pluginDN;
}
char *
@@ -281,7 +282,7 @@ linked_attrs_postop_init(Slapi_PBlock *pb)
static int
linked_attrs_start(Slapi_PBlock * pb)
{
- char *plugindn = NULL;
+ Slapi_DN *plugindn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
"--> linked_attrs_start\n");
@@ -303,14 +304,14 @@ linked_attrs_start(Slapi_PBlock * pb)
/*
* Get the plug-in target dn from the system
* and store it for future use. */
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &plugindn);
- if (NULL == plugindn || 0 == strlen(plugindn)) {
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &plugindn);
+ if (NULL == plugindn || 0 == strlen(slapi_sdn_get_dn(plugindn))) {
slapi_log_error(SLAPI_LOG_PLUGIN, LINK_PLUGIN_SUBSYSTEM,
"linked_attrs_start: unable to retrieve plugin dn\n");
return -1;
}
- linked_attrs_set_plugin_dn(plugindn);
+ linked_attrs_set_plugin_dn(slapi_sdn_get_dn(plugindn));
/*
* Load the config cache
@@ -540,7 +541,7 @@ linked_attrs_parse_config_entry(Slapi_Entry * e, int apply)
char *syntaxoid = NULL;
Slapi_Attr *attr = slapi_attr_new();
- /* Set this first so we free it if we encounter an error */
+ /* Set this first so we free it if we encounter an error */
entry->managedtype = value;
/* Gather some information about this attribute. */
@@ -816,21 +817,36 @@ linked_attrs_delete_config()
static char *
linked_attrs_get_dn(Slapi_PBlock * pb)
{
- char *dn = 0;
+ const char *dn = 0;
+ Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
"--> linked_attrs_get_dn\n");
- if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn)) {
+ if (slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn)) {
slapi_log_error(SLAPI_LOG_FATAL, LINK_PLUGIN_SUBSYSTEM,
"linked_attrs_get_dn: failed to get dn of changed entry");
goto bail;
}
+ dn = slapi_sdn_get_dn(sdn);
bail:
slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
"<-- linked_attrs_get_dn\n");
- return dn;
+ return (char *)dn;
+}
+
+static Slapi_DN *
+linked_attrs_get_sdn(Slapi_PBlock * pb)
+{
+ Slapi_DN *sdn = 0;
+ slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
+ "--> linked_attrs_get_sdn\n");
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ slapi_log_error(SLAPI_LOG_TRACE, LINK_PLUGIN_SUBSYSTEM,
+ "<-- linked_attrs_get_sdn\n");
+
+ return sdn;
}
/*
@@ -1488,10 +1504,10 @@ linked_attrs_pre_op(Slapi_PBlock * pb, int modop)
} else {
/* Fetch the entry being modified so we can
* create the resulting entry for validation. */
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
+ /* int free_sdn = 0; */
+ Slapi_DN *tmp_dn = linked_attrs_get_sdn(pb);
if (tmp_dn) {
slapi_search_internal_get_entry(tmp_dn, 0, &e, linked_attrs_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
free_entry = 1;
}
diff --git a/ldap/servers/plugins/linkedattrs/linked_attrs.h b/ldap/servers/plugins/linkedattrs/linked_attrs.h
index c6e6347..8dfb4f0 100644
--- a/ldap/servers/plugins/linkedattrs/linked_attrs.h
+++ b/ldap/servers/plugins/linkedattrs/linked_attrs.h
@@ -127,7 +127,7 @@ void linked_attrs_unlock();
*/
void linked_attrs_set_plugin_id(void *pluginID);
void *linked_attrs_get_plugin_id();
-void linked_attrs_set_plugin_dn(char *pluginDN);
+void linked_attrs_set_plugin_dn(const char *pluginDN);
char *linked_attrs_get_plugin_dn();
/*
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index c2d87bb..0f3849c 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -1051,11 +1051,13 @@ bail:
*/
char *memberof_getdn(Slapi_PBlock *pb)
{
- char *dn = 0;
+ const char *dn = 0;
+ Slapi_DN *sdn = NULL;
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
-
- return dn;
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ dn = slapi_sdn_get_dn(sdn);
+
+ return (char *)dn;
}
/*
diff --git a/ldap/servers/plugins/mep/mep.c b/ldap/servers/plugins/mep/mep.c
index 0241cd3..1396b9c 100644
--- a/ldap/servers/plugins/mep/mep.c
+++ b/ldap/servers/plugins/mep/mep.c
@@ -94,11 +94,11 @@ static void mep_free_config_entry(struct configEntry ** entry);
/*
* helpers
*/
-static char *mep_get_dn(Slapi_PBlock * pb);
+static Slapi_DN *mep_get_sdn(Slapi_PBlock * pb);
static Slapi_DN *mep_get_config_area();
static void mep_set_config_area(Slapi_DN *sdn);
-static int mep_dn_is_config(char *dn);
-static int mep_dn_is_template(char *dn);
+static int mep_dn_is_config(Slapi_DN *sdn);
+static int mep_dn_is_template(const char *dn);
static void mep_find_config(Slapi_Entry *e, struct configEntry **config);
static void mep_find_config_by_template_dn(const char *template_dn,
struct configEntry **config);
@@ -109,7 +109,7 @@ static Slapi_Entry *mep_create_managed_entry(struct configEntry *config,
static void mep_add_managed_entry(struct configEntry *config,
Slapi_Entry *origin);
static void mep_rename_managed_entry(Slapi_Entry *origin,
- char *new_dn, char *old_dn);
+ Slapi_DN *new_dn, Slapi_DN *old_dn);
static Slapi_Mods *mep_get_mapped_mods(struct configEntry *config,
Slapi_Entry *origin, char **mapped_dn);
static int mep_parse_mapped_attr(char *mapping, Slapi_Entry *origin,
@@ -289,7 +289,7 @@ mep_postop_init(Slapi_PBlock *pb)
static int
mep_start(Slapi_PBlock * pb)
{
- char *plugindn = NULL;
+ Slapi_DN *plugindn = NULL;
char *config_area = NULL;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
@@ -312,14 +312,14 @@ mep_start(Slapi_PBlock * pb)
/*
* Get the plug-in target dn from the system
* and store it for future use. */
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &plugindn);
- if (NULL == plugindn || 0 == strlen(plugindn)) {
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &plugindn);
+ if (NULL == plugindn || 0 == strlen(slapi_sdn_get_dn(plugindn))) {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_start: unable to retrieve plugin dn\n");
return -1;
}
- mep_set_plugin_sdn(slapi_sdn_new_dn_byref(plugindn));
+ mep_set_plugin_sdn(slapi_sdn_dup(plugindn));
/* Set the alternate config area if one is defined. */
slapi_pblock_get(pb, SLAPI_PLUGIN_CONFIG_AREA, &config_area);
@@ -434,8 +434,10 @@ mep_load_config()
/* Find the config entries beneath our plugin entry. */
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_load_config: Looking for config entries "
- "beneath \"%s\".\n", slapi_sdn_get_ndn(mep_get_plugin_sdn()));
- slapi_search_internal_set_pb(search_pb, slapi_sdn_get_ndn(mep_get_plugin_sdn()),
+ "beneath \"%s\".\n",
+ slapi_sdn_get_ndn(mep_get_plugin_sdn()));
+ slapi_search_internal_set_pb(search_pb,
+ slapi_sdn_get_ndn(mep_get_plugin_sdn()),
LDAP_SCOPE_SUBTREE, "objectclass=*",
NULL, 0, NULL, NULL, mep_get_plugin_id(), 0);
}
@@ -769,24 +771,17 @@ mep_delete_config()
/*
* Helper functions
*/
-static char *
-mep_get_dn(Slapi_PBlock * pb)
+static Slapi_DN *
+mep_get_sdn(Slapi_PBlock * pb)
{
- char *dn = 0;
+ Slapi_DN *sdn = 0;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
- "--> mep_get_dn\n");
-
- if (slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn)) {
- slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM,
- "mep_get_dn: failed to get dn of changed entry");
- goto bail;
- }
-
- bail:
+ "--> mep_get_sdn\n");
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
- "<-- mep_get_dn\n");
+ "<-- mep_get_sdn\n");
- return dn;
+ return sdn;
}
static void
@@ -807,20 +802,17 @@ mep_get_config_area()
* Checks if dn is a managed entries config entry.
*/
static int
-mep_dn_is_config(char *dn)
+mep_dn_is_config(Slapi_DN *sdn)
{
int ret = 0;
- Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
"--> mep_dn_is_config\n");
- if (dn == NULL) {
+ if (sdn == NULL) {
goto bail;
}
- sdn = slapi_sdn_new_dn_byref(dn);
-
/* If an alternate config area is configured, treat it's child
* entries as config entries. If the alternate config area is
* not configured, treat children of the top-level plug-in
@@ -838,7 +830,6 @@ mep_dn_is_config(char *dn)
}
bail:
- slapi_sdn_free(&sdn);
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
"<-- mep_dn_is_config\n");
@@ -851,7 +842,7 @@ bail:
* Checks if dn is a managed entries template.
*/
static int
-mep_dn_is_template(char *dn)
+mep_dn_is_template(const char *dn)
{
int ret = 0;
PRCList *list = NULL;
@@ -1139,7 +1130,7 @@ mep_create_managed_entry(struct configEntry *config, Slapi_Entry *origin)
/* Create the DN using the mapped RDN value
* and the base specified in the config. */
- dn = slapi_create_dn_string("%s=%s,%s", rdn_type, rdn_val, config->managed_base);
+ dn = slapi_ch_smprintf("%s=%s,%s", rdn_type, rdn_val, config->managed_base);
slapi_ch_free_string(&rdn_val);
@@ -1283,8 +1274,9 @@ mep_add_managed_entry(struct configEntry *config,
* Renames a managed entry and updates the pointer in the
* origin entry.
*/
-static void mep_rename_managed_entry(Slapi_Entry *origin,
- char *new_dn, char *old_dn)
+static void
+mep_rename_managed_entry(Slapi_Entry *origin,
+ Slapi_DN *new_dn, Slapi_DN *old_dn)
{
Slapi_RDN *srdn = slapi_rdn_new();
Slapi_PBlock *mep_pb = slapi_pblock_new();
@@ -1299,10 +1291,10 @@ static void mep_rename_managed_entry(Slapi_Entry *origin,
}
/* Create new RDN */
- slapi_rdn_set_dn(srdn, new_dn);
+ slapi_rdn_set_dn(srdn, slapi_sdn_get_ndn(new_dn));
/* Rename the managed entry. */
- slapi_rename_internal_set_pb(mep_pb, old_dn,
+ slapi_rename_internal_set_pb_ext(mep_pb, old_dn,
slapi_rdn_get_rdn(srdn),
NULL, 1, NULL, NULL, mep_get_plugin_id(), 0);
slapi_modrdn_internal_pb(mep_pb);
@@ -1311,14 +1303,14 @@ static void mep_rename_managed_entry(Slapi_Entry *origin,
if (result != LDAP_SUCCESS) {
slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM,
"mep_rename_managed_entry: Unable to rename managed "
- "entry \"%s\" to \"%s\" (%s).\n", old_dn,
- new_dn, ldap_err2string(result));
+ "entry \"%s\" to \"%s\" (%s).\n", slapi_sdn_get_dn(old_dn),
+ slapi_sdn_get_dn(new_dn), ldap_err2string(result));
} else {
/* Clear out the pblock for reuse. */
slapi_pblock_init(mep_pb);
/* Update the link to the managed entry in the origin entry. */
- vals[0] = new_dn;
+ vals[0] = (char *)slapi_sdn_get_dn(new_dn);
vals[1] = 0;
mod.mod_op = LDAP_MOD_REPLACE;
mod.mod_type = MEP_MANAGED_ENTRY_TYPE;
@@ -1742,7 +1734,7 @@ mep_is_mapped_attr(Slapi_Entry *template, char *type)
static int
mep_pre_op(Slapi_PBlock * pb, int modop)
{
- char *dn = 0;
+ Slapi_DN *sdn = NULL;
Slapi_Entry *e = 0;
Slapi_Mods *smods = 0;
LDAPMod **mods;
@@ -1762,10 +1754,10 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
/* See if we're calling ourselves. */
slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &caller_id);
- if (0 == (dn = mep_get_dn(pb)))
+ if (0 == (sdn = mep_get_sdn(pb)))
goto bail;
- if (mep_dn_is_config(dn)) {
+ if (mep_dn_is_config(sdn)) {
/* Validate config changes, but don't apply them.
* This allows us to reject invalid config changes
* here at the pre-op stage. Applying the config
@@ -1777,10 +1769,8 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
} else if (LDAP_CHANGETYPE_MODIFY == modop) {
/* Fetch the entry being modified so we can
* create the resulting entry for validation. */
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
- if (tmp_dn) {
- slapi_search_internal_get_entry(tmp_dn, 0, &e, mep_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
+ if (sdn) {
+ slapi_search_internal_get_entry(sdn, 0, &e, mep_get_plugin_id());
free_entry = 1;
}
@@ -1829,11 +1819,10 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
goto bail;
}
- mep_find_config_by_template_dn(dn, &config);
+ mep_find_config_by_template_dn(slapi_sdn_get_dn(sdn), &config);
if (config) {
Slapi_Entry *test_entry = NULL;
struct configEntry *config_copy = NULL;
- Slapi_DN *tmp_dn = NULL;
config_copy = (struct configEntry *)slapi_ch_calloc(1, sizeof(struct configEntry));
@@ -1860,12 +1849,9 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
ret = LDAP_UNWILLING_TO_PERFORM;
break;
case LDAP_CHANGETYPE_MODIFY:
- tmp_dn = slapi_sdn_new_dn_byref(dn);
-
/* Fetch the existing template entry. */
- if (tmp_dn) {
- slapi_search_internal_get_entry(tmp_dn, 0, &e, mep_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
+ if (sdn) {
+ slapi_search_internal_get_entry(sdn, 0, &e, mep_get_plugin_id());
free_entry = 1;
}
@@ -1920,7 +1906,6 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
* this plugin. */
if (((modop == LDAP_CHANGETYPE_DELETE) || (modop == LDAP_CHANGETYPE_MODDN) ||
(modop == LDAP_CHANGETYPE_MODIFY)) && (caller_id != mep_get_plugin_id())) {
- Slapi_DN *tmp_dn = slapi_sdn_new_dn_byref(dn);
Slapi_Entry *origin_e = NULL;
Slapi_Mod *smod = NULL;
Slapi_Mod *next_mod = NULL;
@@ -1928,14 +1913,13 @@ mep_pre_op(Slapi_PBlock * pb, int modop)
Slapi_DN *origin_sdn = NULL;
/* Fetch the target entry. */
- if (tmp_dn) {
+ if (sdn) {
/* Free any existing entry so we don't leak it. */
if (e && free_entry) {
slapi_entry_free(e);
}
- slapi_search_internal_get_entry(tmp_dn, 0, &e, mep_get_plugin_id());
- slapi_sdn_free(&tmp_dn);
+ slapi_search_internal_get_entry(sdn, 0, &e, mep_get_plugin_id());
free_entry = 1;
}
@@ -2070,7 +2054,7 @@ mep_mod_post_op(Slapi_PBlock *pb)
Slapi_Mods *smods = NULL;
Slapi_PBlock *mep_pb = NULL;
Slapi_Entry *e = NULL;
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
char *managed_dn = NULL;
Slapi_DN *managed_sdn = NULL;
char *mapped_dn = NULL;
@@ -2085,9 +2069,9 @@ mep_mod_post_op(Slapi_PBlock *pb)
if (!g_plugin_started)
return 0;
- if (mep_oktodo(pb) && (dn = mep_get_dn(pb))) {
+ if (mep_oktodo(pb) && (sdn = mep_get_sdn(pb))) {
/* First check if the config or a template is being modified. */
- if (mep_dn_is_config(dn) || mep_dn_is_template(dn)) {
+ if (mep_dn_is_config(sdn) || mep_dn_is_template(slapi_sdn_get_dn(sdn))) {
mep_load_config();
}
@@ -2143,7 +2127,7 @@ mep_mod_post_op(Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM,
"mep_mod_post_op: Unable to update mapped "
"attributes from origin entry \"%s\" in managed "
- "entry \"%s\" (%s).\n", dn, managed_dn,
+ "entry \"%s\" (%s).\n", slapi_sdn_get_dn(sdn), managed_dn,
ldap_err2string(result));
}
@@ -2157,7 +2141,7 @@ mep_mod_post_op(Slapi_PBlock *pb)
managed_sdn = slapi_sdn_new_dn_byref(managed_dn);
if (slapi_sdn_compare(managed_sdn, mapped_sdn) != 0) {
- mep_rename_managed_entry(e, mapped_dn, managed_dn);
+ mep_rename_managed_entry(e, mapped_sdn, managed_sdn);
}
slapi_sdn_free(&mapped_sdn);
@@ -2166,7 +2150,7 @@ mep_mod_post_op(Slapi_PBlock *pb)
} else {
slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM,
"mep_mod_post_op: Unable to find config for origin "
- "entry \"%s\".\n", dn);
+ "entry \"%s\".\n", slapi_sdn_get_dn(sdn));
}
slapi_ch_free_string(&managed_dn);
@@ -2187,7 +2171,7 @@ static int
mep_add_post_op(Slapi_PBlock *pb)
{
Slapi_Entry *e = NULL;
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
struct configEntry *config = NULL;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
@@ -2198,8 +2182,8 @@ mep_add_post_op(Slapi_PBlock *pb)
return 0;
/* Reload config if a config entry was added. */
- if ((dn = mep_get_dn(pb))) {
- if (mep_dn_is_config(dn)) {
+ if ((sdn = mep_get_sdn(pb))) {
+ if (mep_dn_is_config(sdn)) {
mep_load_config();
}
} else {
@@ -2241,7 +2225,7 @@ mep_add_post_op(Slapi_PBlock *pb)
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_add_post_op: Error "
- "retrieving post-op entry %s\n", dn);
+ "retrieving post-op entry %s\n", slapi_sdn_get_dn(sdn));
}
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
@@ -2253,8 +2237,8 @@ mep_add_post_op(Slapi_PBlock *pb)
static int
mep_del_post_op(Slapi_PBlock *pb)
{
- char *dn = NULL;
Slapi_Entry *e = NULL;
+ Slapi_DN *sdn = NULL;
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
"--> mep_del_post_op\n");
@@ -2265,8 +2249,8 @@ mep_del_post_op(Slapi_PBlock *pb)
}
/* Reload config if a config entry was deleted. */
- if ((dn = mep_get_dn(pb))) {
- if (mep_dn_is_config(dn))
+ if ((sdn = mep_get_sdn(pb))) {
+ if (mep_dn_is_config(sdn))
mep_load_config();
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
@@ -2299,7 +2283,7 @@ mep_del_post_op(Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_del_post_op: Deleting managed entry "
"\"%s\" due to deletion of origin entry "
- "\"%s\".\n ", managed_dn, dn);
+ "\"%s\".\n ", managed_dn, slapi_sdn_get_dn(sdn));
slapi_delete_internal_set_pb(mep_pb, managed_dn, NULL,
NULL, mep_get_plugin_id(), 0);
slapi_delete_internal_pb(mep_pb);
@@ -2310,7 +2294,7 @@ mep_del_post_op(Slapi_PBlock *pb)
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_del_post_op: Error "
- "retrieving pre-op entry %s\n", dn);
+ "retrieving pre-op entry %s\n", slapi_sdn_get_dn(sdn));
}
slapi_log_error(SLAPI_LOG_TRACE, MEP_PLUGIN_SUBSYSTEM,
@@ -2322,8 +2306,9 @@ mep_del_post_op(Slapi_PBlock *pb)
static int
mep_modrdn_post_op(Slapi_PBlock *pb)
{
- char *old_dn = NULL;
- char *new_dn = NULL;
+ const char *new_dn = NULL;
+ Slapi_DN *old_sdn = NULL;
+ Slapi_DN *new_sdn = NULL;
Slapi_Entry *post_e = NULL;
char *managed_dn = NULL;
struct configEntry *config = NULL;
@@ -2340,7 +2325,8 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
* config entries. */
slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &post_e);
if (post_e) {
- new_dn = slapi_entry_get_ndn(post_e);
+ new_sdn = slapi_entry_get_sdn(post_e);
+ new_dn = slapi_sdn_get_dn(new_sdn);
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_modrdn_post_op: Error "
@@ -2348,8 +2334,8 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
return 0;
}
- if ((old_dn = mep_get_dn(pb))) {
- if (mep_dn_is_config(old_dn) || mep_dn_is_config(new_dn))
+ if ((old_sdn = mep_get_sdn(pb))) {
+ if (mep_dn_is_config(old_sdn) || mep_dn_is_config(new_sdn))
mep_load_config();
} else {
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
@@ -2398,7 +2384,7 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
"mep_modrdn_post_op: Removing managed entry \"%s\" "
"since origin entry \"%s\" was moved out of scope.\n",
- managed_dn, old_dn);
+ managed_dn, slapi_sdn_get_dn(old_sdn));
slapi_delete_internal_set_pb (mep_pb, managed_dn, NULL, NULL,
mep_get_plugin_id(), 0);
slapi_delete_internal_pb(mep_pb);
@@ -2442,7 +2428,7 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
}
} else {
/* Update backlink to new origin DN in managed entry. */
- vals[0] = new_dn;
+ vals[0] = (char *)new_dn;
vals[1] = 0;
mod.mod_op = LDAP_MOD_REPLACE;
mod.mod_type = MEP_MANAGED_BY_TYPE;
@@ -2498,8 +2484,11 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
"mep_modrdn_post_op: Renaming managed entry "
"\"%s\" to \"%s\" due to rename of origin "
"entry \"%s\".\n ", managed_dn,
- slapi_entry_get_dn(new_managed_entry), old_dn);
- mep_rename_managed_entry(post_e, slapi_entry_get_dn(new_managed_entry), managed_dn);
+ slapi_entry_get_dn(new_managed_entry),
+ slapi_sdn_get_dn(old_sdn));
+ mep_rename_managed_entry(post_e,
+ slapi_entry_get_sdn(new_managed_entry),
+ managed_sdn);
}
/* Update all of the mapped attributes
diff --git a/ldap/servers/plugins/pam_passthru/pam_passthru.h b/ldap/servers/plugins/pam_passthru/pam_passthru.h
index 6a9d332..748c2f1 100644
--- a/ldap/servers/plugins/pam_passthru/pam_passthru.h
+++ b/ldap/servers/plugins/pam_passthru/pam_passthru.h
@@ -129,7 +129,7 @@ void * pam_passthruauth_get_plugin_identity();
*/
int pam_passthru_config( Slapi_Entry *config_e );
Pam_PassthruConfig *pam_passthru_get_config( void );
-int pam_passthru_check_suffix(Pam_PassthruConfig *cfg, char *binddn);
+int pam_passthru_check_suffix(Pam_PassthruConfig *cfg, const char *binddn);
/*
* pam_ptimpl.c
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptconfig.c b/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
index beff65d..bde2ef6 100644
--- a/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
+++ b/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
@@ -538,7 +538,7 @@ pam_passthru_apply_config (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Ent
}
int
-pam_passthru_check_suffix(Pam_PassthruConfig *cfg, char *binddn)
+pam_passthru_check_suffix(Pam_PassthruConfig *cfg, const char *binddn)
{
Slapi_DN *comp_dn;
Pam_PassthruSuffix *try;
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptimpl.c b/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
index 662239f..2aedec7 100644
--- a/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
+++ b/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
@@ -91,7 +91,7 @@ struct my_pam_conv_str {
* Get the PAM identity from the value of the leftmost RDN in the BIND DN.
*/
static char *
-derive_from_bind_dn(Slapi_PBlock *pb, char *binddn, MyStrBuf *pam_id)
+derive_from_bind_dn(Slapi_PBlock *pb, const char *binddn, MyStrBuf *pam_id)
{
Slapi_RDN *rdn;
char *type = NULL;
@@ -106,7 +106,8 @@ derive_from_bind_dn(Slapi_PBlock *pb, char *binddn, MyStrBuf *pam_id)
}
static char *
-derive_from_bind_entry(Slapi_PBlock *pb, char *binddn, MyStrBuf *pam_id, char *map_ident_attr, int *locked)
+derive_from_bind_entry(Slapi_PBlock *pb, const char *binddn,
+ MyStrBuf *pam_id, char *map_ident_attr, int *locked)
{
char buf[BUFSIZ];
Slapi_Entry *entry = NULL;
@@ -264,7 +265,8 @@ do_one_pam_auth(
)
{
MyStrBuf pam_id;
- char *binddn = NULL;
+ const char *binddn = NULL;
+ Slapi_DN *bindsdn = NULL;
int rc;
int retcode = LDAP_SUCCESS;
pam_handle_t *pam_handle;
@@ -274,7 +276,13 @@ do_one_pam_auth(
char *errmsg = NULL; /* free with PR_smprintf_free */
int locked = 0;
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &binddn );
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &bindsdn );
+ if (NULL == bindsdn) {
+ errmsg = PR_smprintf("Null bind dn");
+ retcode = LDAP_OPERATIONS_ERROR;
+ goto done; /* skip the pam stuff */
+ }
+ binddn = slapi_sdn_get_dn(bindsdn);
if (method == PAMPT_MAP_METHOD_RDN) {
derive_from_bind_dn(pb, binddn, &pam_id);
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptpreop.c b/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
index 9e14c26..d726017 100644
--- a/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
+++ b/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
@@ -165,10 +165,12 @@ static int
pam_passthru_bindpreop( Slapi_PBlock *pb )
{
int rc, method;
- char *normbinddn, *errmsg = NULL;
+ const char *normbinddn;
+ char *errmsg = NULL;
+ Slapi_DN *bindsdn = NULL;
Pam_PassthruConfig *cfg;
struct berval *creds;
- int retcode = PAM_PASSTHRU_OP_NOT_HANDLED;
+ int retcode = PAM_PASSTHRU_OP_NOT_HANDLED;
PAM_PASSTHRU_ASSERT( pb != NULL );
@@ -179,12 +181,13 @@ pam_passthru_bindpreop( Slapi_PBlock *pb )
* retrieve parameters for bind operation
*/
if ( slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method ) != 0 ||
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &normbinddn ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &bindsdn ) != 0 ||
slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds ) != 0 ) {
slapi_log_error( SLAPI_LOG_FATAL, PAM_PASSTHRU_PLUGIN_SUBSYSTEM,
"<= not handled (unable to retrieve bind parameters)\n" );
return retcode;
}
+ normbinddn = slapi_sdn_get_dn(bindsdn);
/*
* We only handle simple bind requests that include non-NULL binddn and
diff --git a/ldap/servers/plugins/passthru/passthru.h b/ldap/servers/plugins/passthru/passthru.h
index ac19849..e0421ac 100644
--- a/ldap/servers/plugins/passthru/passthru.h
+++ b/ldap/servers/plugins/passthru/passthru.h
@@ -136,7 +136,7 @@ typedef struct passthruconfig {
* ptbind.c:
*/
int passthru_simple_bind_s( Slapi_PBlock *pb, PassThruServer *srvr, int tries,
- char *dn, struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
+ const char *dn, struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp );
@@ -149,7 +149,7 @@ PassThruConfig *passthru_get_config( void );
/*
* ptconn.c:
*/
-int passthru_dn2server( PassThruConfig *cfg, char *normdn,
+int passthru_dn2server( PassThruConfig *cfg, const char *normdn,
PassThruServer **srvrp );
int passthru_get_connection( PassThruServer *srvr, LDAP **ldp );
void passthru_release_connection( PassThruServer *srvr, LDAP *ld, int dispose );
diff --git a/ldap/servers/plugins/passthru/ptbind.c b/ldap/servers/plugins/passthru/ptbind.c
index 063ba15..efbc896 100644
--- a/ldap/servers/plugins/passthru/ptbind.c
+++ b/ldap/servers/plugins/passthru/ptbind.c
@@ -48,7 +48,7 @@
#include "passthru.h"
static int
-passthru_simple_bind_once_s( PassThruServer *srvr, char *dn,
+passthru_simple_bind_once_s( PassThruServer *srvr, const char *dn,
struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp );
@@ -68,7 +68,7 @@ passthru_simple_bind_once_s( PassThruServer *srvr, char *dn,
*/
int
passthru_simple_bind_s( Slapi_PBlock *pb, PassThruServer *srvr, int tries,
- char *dn, struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
+ const char *dn, struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp )
{
@@ -102,7 +102,7 @@ passthru_simple_bind_s( Slapi_PBlock *pb, PassThruServer *srvr, int tries,
* like passthru_simple_bind_s() but only makes one attempt.
*/
static int
-passthru_simple_bind_once_s( PassThruServer *srvr, char *dn,
+passthru_simple_bind_once_s( PassThruServer *srvr, const char *dn,
struct berval *creds, LDAPControl **reqctrls, int *lderrnop,
char **matcheddnp, char **errmsgp, struct berval ***refurlsp,
LDAPControl ***resctrlsp )
diff --git a/ldap/servers/plugins/passthru/ptconn.c b/ldap/servers/plugins/passthru/ptconn.c
index 1001c98..a3e2bd2 100644
--- a/ldap/servers/plugins/passthru/ptconn.c
+++ b/ldap/servers/plugins/passthru/ptconn.c
@@ -50,7 +50,7 @@
/*
* function prototypes
*/
-static int dn_is_underneath_suffix( PassThruSuffix *suffix, char *normdn,
+static int dn_is_underneath_suffix( PassThruSuffix *suffix, const char *normdn,
int dnlen );
static void close_and_dispose_connection( PassThruConnection *conn );
static void check_for_stale_connections( PassThruServer *srvr );
@@ -107,7 +107,7 @@ static void check_for_stale_connections( PassThruServer *srvr );
* LDAP_NO_SUCH_OBJECT let this server handle the bind.
*/
int
-passthru_dn2server( PassThruConfig *cfg, char *normdn, PassThruServer **srvrp )
+passthru_dn2server( PassThruConfig *cfg, const char *normdn, PassThruServer **srvrp )
{
PassThruServer *ptsrvr;
PassThruSuffix *ptsuffix;
@@ -360,7 +360,7 @@ passthru_close_all_connections( PassThruConfig *cfg )
* return non-zero value if normdn falls underneath a suffix
*/
static int
-dn_is_underneath_suffix( PassThruSuffix *suffix, char *normdn, int dnlen )
+dn_is_underneath_suffix( PassThruSuffix *suffix, const char *normdn, int dnlen )
{
PASSTHRU_ASSERT( suffix != NULL );
PASSTHRU_ASSERT( normdn != NULL );
@@ -368,7 +368,7 @@ dn_is_underneath_suffix( PassThruSuffix *suffix, char *normdn, int dnlen )
return ( suffix->ptsuffix_len <= dnlen &&
slapi_UTF8CASECMP( suffix->ptsuffix_normsuffix,
- normdn + ( dnlen - suffix->ptsuffix_len )) == 0 );
+ (char *)normdn + ( dnlen - suffix->ptsuffix_len )) == 0 );
}
diff --git a/ldap/servers/plugins/passthru/ptpreop.c b/ldap/servers/plugins/passthru/ptpreop.c
index e566c64..1f73cf1 100644
--- a/ldap/servers/plugins/passthru/ptpreop.c
+++ b/ldap/servers/plugins/passthru/ptpreop.c
@@ -149,7 +149,9 @@ static int
passthru_bindpreop( Slapi_PBlock *pb )
{
int rc, method, freeresctrls=1;
- char *normbinddn, *matcheddn;
+ char *matcheddn;
+ const char *normbinddn = NULL;
+ Slapi_DN *sdn = NULL;
char *libldap_errmsg, *pr_errmsg, *errmsg;
PassThruConfig *cfg;
PassThruServer *srvr;
@@ -165,14 +167,15 @@ passthru_bindpreop( Slapi_PBlock *pb )
* retrieve parameters for bind operation
*/
if ( slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method ) != 0 ||
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &normbinddn ) != 0 ||
- slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds ) != 0 ) {
- slapi_log_error( SLAPI_LOG_FATAL, PASSTHRU_PLUGIN_SUBSYSTEM,
- "<= not handled (unable to retrieve bind parameters)\n" );
- return( PASSTHRU_OP_NOT_HANDLED );
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &sdn ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &creds ) != 0 ) {
+ slapi_log_error( SLAPI_LOG_FATAL, PASSTHRU_PLUGIN_SUBSYSTEM,
+ "<= not handled (unable to retrieve bind parameters)\n" );
+ return( PASSTHRU_OP_NOT_HANDLED );
}
+ normbinddn = slapi_sdn_get_dn(sdn);
if ( normbinddn == NULL ) {
- normbinddn = "";
+ normbinddn = "";
}
/*
diff --git a/ldap/servers/plugins/referint/referint.c b/ldap/servers/plugins/referint/referint.c
index 8b3ac75..8fa9aa3 100644
--- a/ldap/servers/plugins/referint/referint.c
+++ b/ldap/servers/plugins/referint/referint.c
@@ -158,6 +158,7 @@ int
referint_postop_del( Slapi_PBlock *pb )
{
char *dn;
+ Slapi_DN *sdn = NULL;
int rc;
int oprc;
char **argv;
@@ -168,7 +169,7 @@ referint_postop_del( Slapi_PBlock *pb )
void *txn = NULL;
if ( slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &isrepop ) != 0 ||
- slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_DELETE_TARGET_SDN, &sdn ) != 0 ||
slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0 ||
slapi_pblock_get(pb, SLAPI_TXN, &txn) != 0)
{
@@ -176,6 +177,7 @@ referint_postop_del( Slapi_PBlock *pb )
"referint_postop_del: could not get parameters\n" );
return( -1 );
}
+ dn = (char *)slapi_sdn_get_dn(sdn);
/* this plugin should only execute if the delete was successful
and this is not a replicated op
@@ -235,8 +237,9 @@ int
referint_postop_modrdn( Slapi_PBlock *pb )
{
char *dn;
+ Slapi_DN *sdn = NULL;
char *newrdn;
- char *newsuperior;
+ Slapi_DN *newsuperior;
int oprc;
int rc;
char **argv;
@@ -247,9 +250,9 @@ referint_postop_modrdn( Slapi_PBlock *pb )
void *txn = NULL;
if ( slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &isrepop ) != 0 ||
- slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &dn ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_MODRDN_TARGET_SDN, &sdn ) != 0 ||
slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn ) != 0 ||
- slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior ) != 0 ||
+ slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior ) != 0 ||
slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &oprc) != 0 ||
slapi_pblock_get(pb, SLAPI_TXN, &txn) != 0) {
@@ -257,6 +260,7 @@ referint_postop_modrdn( Slapi_PBlock *pb )
"referint_postop_modrdn: could not get parameters\n" );
return( -1 );
}
+ dn = (char *)slapi_sdn_get_dn(sdn);
/* this plugin should only execute if the delete was successful
and this is not a replicated op
@@ -299,11 +303,12 @@ referint_postop_modrdn( Slapi_PBlock *pb )
rc = 0;
}else if(delay == 0){
/* no delay */
- /* call function to update references to entry */
- rc = update_integrity(argv, dn, newrdn, newsuperior, logChanges, txn);
+ /* call function to update references to entry */
+ rc = update_integrity(argv, dn, newrdn,
+ slapi_sdn_get_dn(newsuperior), logChanges, txn);
}else{
/* write the entry to integrity log */
- writeintegritylog(argv[1],dn, newrdn, newsuperior);
+ writeintegritylog(argv[1], dn, newrdn, slapi_sdn_get_dn(newsuperior));
rc = 0;
}
diff --git a/ldap/servers/plugins/replication/cl4_api.c b/ldap/servers/plugins/replication/cl4_api.c
index c7d0ce0..ab72793 100644
--- a/ldap/servers/plugins/replication/cl4_api.c
+++ b/ldap/servers/plugins/replication/cl4_api.c
@@ -533,7 +533,7 @@ static int _cl4ResolveTargetDN (Slapi_Entry *entry, Slapi_DN **newTargetDN)
if (strcasecmp (changetype, "add") == 0) /* this is add operation - we have rawdn */
slapi_sdn_set_dn_byref (targetSDN, targetdn);
else
- slapi_sdn_set_ndn_byref (targetSDN, targetdn);
+ slapi_sdn_set_normdn_byref (targetSDN, targetdn);
/* read the entry to which the change was applied */
rc = _cl4GetTargetEntry (targetSDN, uniqueid, &targetEntry);
diff --git a/ldap/servers/plugins/replication/cl5_api.c b/ldap/servers/plugins/replication/cl5_api.c
index c360444..99b3674 100644
--- a/ldap/servers/plugins/replication/cl5_api.c
+++ b/ldap/servers/plugins/replication/cl5_api.c
@@ -1060,7 +1060,7 @@ cl5ImportLDIF (const char *clDir, const char *ldifFile, Object **replicas)
"cl5ImportLDIF: "
"failed to write operation to the changelog: "
"type: %lu, dn: %s\n",
- op.operation_type, op.target_address.dn);
+ op.operation_type, REPL_GET_DN(&op.target_address));
slapi_ch_free_string(&replGen);
operation_parameters_done (&op);
goto done;
@@ -1080,7 +1080,7 @@ cl5ImportLDIF (const char *clDir, const char *ldifFile, Object **replicas)
"cl5ImportLDIF: "
"failed to write operation to the changelog: "
"type: %lu, dn: %s\n",
- op.operation_type, op.target_address.dn);
+ op.operation_type, REPL_GET_DN(&op.target_address));
object_release (replica_obj);
slapi_ch_free_string(&replGen);
operation_parameters_done (&op);
@@ -2150,7 +2150,7 @@ static int _cl5Entry2DBData (const CL5Entry *entry, char **data, PRUint32 *len)
}
break;
- case SLAPI_OPERATION_MODIFY: size += strlen (op->target_address.dn) + 1;
+ case SLAPI_OPERATION_MODIFY: size += strlen (REPL_GET_DN(&op->target_address)) + 1;
/* Need larger buffer for the encrypted changelog */
if (s_cl5Desc.clcrypt_handle) {
size += (_cl5GetModsSize (op->p.p_modify.modify_mods) * (1 + BACK_CRYPT_OUTBUFF_EXTLEN));
@@ -2159,11 +2159,11 @@ static int _cl5Entry2DBData (const CL5Entry *entry, char **data, PRUint32 *len)
}
break;
- case SLAPI_OPERATION_MODRDN: size += strlen (op->target_address.dn) + 1;
+ case SLAPI_OPERATION_MODRDN: size += strlen (REPL_GET_DN(&op->target_address)) + 1;
/* 1 for deleteoldrdn */
size += strlen (op->p.p_modrdn.modrdn_newrdn) + 2;
- if (op->p.p_modrdn.modrdn_newsuperior_address.dn)
- size += strlen (op->p.p_modrdn.modrdn_newsuperior_address.dn) + 1;
+ if (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address))
+ size += strlen (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address)) + 1;
else
size ++; /* for NULL char */
if (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid)
@@ -2178,7 +2178,7 @@ static int _cl5Entry2DBData (const CL5Entry *entry, char **data, PRUint32 *len)
}
break;
- case SLAPI_OPERATION_DELETE: size += strlen (op->target_address.dn) + 1;
+ case SLAPI_OPERATION_DELETE: size += strlen (REPL_GET_DN(&op->target_address)) + 1;
break;
}
@@ -2218,20 +2218,20 @@ static int _cl5Entry2DBData (const CL5Entry *entry, char **data, PRUint32 *len)
ldap_mods_free (add_mods, 1);
break;
- case SLAPI_OPERATION_MODIFY: _cl5WriteString (op->target_address.dn, &pos);
+ case SLAPI_OPERATION_MODIFY: _cl5WriteString (REPL_GET_DN(&op->target_address), &pos);
_cl5WriteMods (op->p.p_modify.modify_mods, &pos);
break;
- case SLAPI_OPERATION_MODRDN: _cl5WriteString (op->target_address.dn, &pos);
+ case SLAPI_OPERATION_MODRDN: _cl5WriteString (REPL_GET_DN(&op->target_address), &pos);
_cl5WriteString (op->p.p_modrdn.modrdn_newrdn, &pos);
*pos = (PRUint8)op->p.p_modrdn.modrdn_deloldrdn;
pos ++;
- _cl5WriteString (op->p.p_modrdn.modrdn_newsuperior_address.dn, &pos);
+ _cl5WriteString (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address), &pos);
_cl5WriteString (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid, &pos);
_cl5WriteMods (op->p.p_modrdn.modrdn_mods, &pos);
break;
- case SLAPI_OPERATION_DELETE: _cl5WriteString (op->target_address.dn, &pos);
+ case SLAPI_OPERATION_DELETE: _cl5WriteString (REPL_GET_DN(&op->target_address), &pos);
break;
}
@@ -2319,27 +2319,31 @@ cl5DBData2Entry (const char *data, PRUint32 len, CL5Entry *entry)
case SLAPI_OPERATION_ADD: _cl5ReadString (&op->p.p_add.parentuniqueid, &pos);
/* richm: need to free parentuniqueid */
_cl5ReadString (&rawDN, &pos);
- op->target_address.dn = rawDN;
+ op->target_address.sdn = slapi_sdn_new_dn_passin(rawDN);
/* convert mods to entry */
rc = _cl5ReadMods (&add_mods, &pos);
slapi_mods2entry (&(op->p.p_add.target_entry), rawDN, add_mods);
ldap_mods_free (add_mods, 1);
break;
- case SLAPI_OPERATION_MODIFY: _cl5ReadString (&op->target_address.dn, &pos);
+ case SLAPI_OPERATION_MODIFY: _cl5ReadString (&rawDN, &pos);
+ op->target_address.sdn = slapi_sdn_new_dn_passin(rawDN);
rc = _cl5ReadMods (&op->p.p_modify.modify_mods, &pos);
break;
- case SLAPI_OPERATION_MODRDN: _cl5ReadString (&op->target_address.dn, &pos);
+ case SLAPI_OPERATION_MODRDN: _cl5ReadString (&rawDN, &pos);
+ op->target_address.sdn = slapi_sdn_new_dn_passin(rawDN);
_cl5ReadString (&op->p.p_modrdn.modrdn_newrdn, &pos);
op->p.p_modrdn.modrdn_deloldrdn = *pos;
pos ++;
- _cl5ReadString (&op->p.p_modrdn.modrdn_newsuperior_address.dn, &pos);
+ _cl5ReadString (&rawDN, &pos);
+ op->p.p_modrdn.modrdn_newsuperior_address.sdn = slapi_sdn_new_dn_passin(rawDN);
_cl5ReadString (&op->p.p_modrdn.modrdn_newsuperior_address.uniqueid, &pos);
rc = _cl5ReadMods (&op->p.p_modrdn.modrdn_mods, &pos);
break;
- case SLAPI_OPERATION_DELETE: _cl5ReadString (&op->target_address.dn, &pos);
+ case SLAPI_OPERATION_DELETE: _cl5ReadString (&rawDN, &pos);
+ op->target_address.sdn = slapi_sdn_new_dn_passin(rawDN);
rc = CL5_SUCCESS;
break;
@@ -4210,7 +4214,7 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
"_cl5Operation2LDIF(MODIFY): mods are NULL\n");
return CL5_BAD_FORMAT;
}
- len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (op->target_address.dn));
+ len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (REPL_GET_DN(&op->target_address)));
l = make_changes_string(op->p.p_modify.modify_mods, NULL);
len += LDIF_SIZE_NEEDED(strlen (T_CHANGESTR), l->ls_len);
break;
@@ -4220,15 +4224,15 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
"_cl5Operation2LDIF(MODRDN): mods are NULL\n");
return CL5_BAD_FORMAT;
}
- len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (op->target_address.dn));
+ len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (REPL_GET_DN(&op->target_address)));
len += LDIF_SIZE_NEEDED(strlen (T_NEWRDNSTR),
strlen (op->p.p_modrdn.modrdn_newrdn));
strDeleteOldRDN = (op->p.p_modrdn.modrdn_deloldrdn ? "true" : "false");
len += LDIF_SIZE_NEEDED(strlen (T_DRDNFLAGSTR),
strlen (strDeleteOldRDN));
- if (op->p.p_modrdn.modrdn_newsuperior_address.dn)
+ if (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address))
len += LDIF_SIZE_NEEDED(strlen (T_NEWSUPERIORDNSTR),
- strlen (op->p.p_modrdn.modrdn_newsuperior_address.dn));
+ strlen (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address)));
if (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid)
len += LDIF_SIZE_NEEDED(strlen (T_NEWSUPERIORIDSTR),
strlen (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid));
@@ -4236,12 +4240,12 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
len += LDIF_SIZE_NEEDED(strlen (T_CHANGESTR), l->ls_len);
break;
- case SLAPI_OPERATION_DELETE: if (NULL == op->target_address.dn) {
+ case SLAPI_OPERATION_DELETE: if (NULL == REPL_GET_DN(&op->target_address)) {
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
"_cl5Operation2LDIF(DELETE): target dn is NULL\n");
return CL5_BAD_FORMAT;
}
- len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (op->target_address.dn));
+ len += LDIF_SIZE_NEEDED(strlen (T_DNSTR), strlen (REPL_GET_DN(&op->target_address)));
break;
default: slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
@@ -4277,21 +4281,21 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
slapi_ch_free ((void**)&rawDN);
break;
- case SLAPI_OPERATION_MODIFY: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, op->target_address.dn,
- strlen (op->target_address.dn), 0);
+ case SLAPI_OPERATION_MODIFY: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, REPL_GET_DN(&op->target_address),
+ strlen (REPL_GET_DN(&op->target_address)), 0);
slapi_ldif_put_type_and_value_with_options(&buff, T_CHANGESTR, l->ls_buf, l->ls_len, 0);
break;
- case SLAPI_OPERATION_MODRDN: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, op->target_address.dn,
- strlen (op->target_address.dn), 0);
+ case SLAPI_OPERATION_MODRDN: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, REPL_GET_DN(&op->target_address),
+ strlen (REPL_GET_DN(&op->target_address)), 0);
slapi_ldif_put_type_and_value_with_options(&buff, T_NEWRDNSTR, op->p.p_modrdn.modrdn_newrdn,
strlen (op->p.p_modrdn.modrdn_newrdn), 0);
slapi_ldif_put_type_and_value_with_options(&buff, T_DRDNFLAGSTR, strDeleteOldRDN,
strlen (strDeleteOldRDN), 0);
- if (op->p.p_modrdn.modrdn_newsuperior_address.dn)
+ if (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address))
slapi_ldif_put_type_and_value_with_options(&buff, T_NEWSUPERIORDNSTR,
- op->p.p_modrdn.modrdn_newsuperior_address.dn,
- strlen (op->p.p_modrdn.modrdn_newsuperior_address.dn), 0);
+ REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address),
+ strlen (REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address)), 0);
if (op->p.p_modrdn.modrdn_newsuperior_address.uniqueid)
slapi_ldif_put_type_and_value_with_options(&buff, T_NEWSUPERIORIDSTR,
op->p.p_modrdn.modrdn_newsuperior_address.uniqueid,
@@ -4299,8 +4303,8 @@ static int _cl5Operation2LDIF (const slapi_operation_parameters *op, const char
slapi_ldif_put_type_and_value_with_options(&buff, T_CHANGESTR, l->ls_buf, l->ls_len, 0);
break;
- case SLAPI_OPERATION_DELETE: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, op->target_address.dn,
- strlen (op->target_address.dn), 0);
+ case SLAPI_OPERATION_DELETE: slapi_ldif_put_type_and_value_with_options(&buff, T_DNSTR, REPL_GET_DN(&op->target_address),
+ strlen (REPL_GET_DN(&op->target_address)), 0);
break;
}
@@ -4377,10 +4381,10 @@ _cl5LDIF2Operation (char *ldifEntry, slapi_operation_parameters *op, char **repl
if (op->operation_type == SLAPI_OPERATION_ADD)
{
rawDN = slapi_ch_strdup (value.bv_val);
- op->target_address.dn = slapi_ch_strdup(rawDN);
+ op->target_address.sdn = slapi_sdn_new_dn_byval(rawDN);
}
else
- op->target_address.dn = slapi_ch_strdup (value.bv_val);
+ op->target_address.sdn = slapi_sdn_new_dn_byval(value.bv_val);
}
else if (strncasecmp (type.bv_val, T_PARENTIDSTR, type.bv_len) == 0)
{
@@ -4396,7 +4400,7 @@ _cl5LDIF2Operation (char *ldifEntry, slapi_operation_parameters *op, char **repl
}
else if (strncasecmp (type.bv_val, T_NEWSUPERIORDNSTR, type.bv_len) == 0)
{
- op->p.p_modrdn.modrdn_newsuperior_address.dn = slapi_ch_strdup (value.bv_val);
+ op->p.p_modrdn.modrdn_newsuperior_address.sdn = slapi_sdn_new_dn_byval(value.bv_val);
}
else if (strncasecmp (type.bv_val, T_NEWSUPERIORIDSTR, type.bv_len) == 0)
{
@@ -4507,7 +4511,7 @@ static int _cl5WriteOperationTxn(const char *replName, const char *replGen,
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl,
"_cl5WriteOperationTxn: failed to get db file for target dn (%s)",
- op->target_address.dn);
+ REPL_GET_DN(&op->target_address));
return CL5_OBJSET_ERROR;
}
@@ -4907,7 +4911,7 @@ static int _cl5GetOperation (Object *replica, slapi_operation_parameters *op)
case DB_NOTFOUND: slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl,
"_cl5GetOperation: operation for csn (%s) is not found in db that should contain dn (%s)\n",
- csnStr, op->target_address.dn);
+ csnStr, REPL_GET_DN(&op->target_address));
rc = CL5_NOTFOUND;
goto done;
@@ -6151,7 +6155,7 @@ static Object* _cl5GetReplica (const slapi_operation_parameters *op, const char*
PR_ASSERT (op && replGen);
- sdn = slapi_sdn_new_dn_byref(op->target_address.dn);
+ sdn = op->target_address.sdn;
replObj = replica_get_replica_from_dn (sdn);
if (replObj)
@@ -6169,8 +6173,6 @@ static Object* _cl5GetReplica (const slapi_operation_parameters *op, const char*
slapi_ch_free ((void**)&newGen);
}
-
- slapi_sdn_free (&sdn);
return replObj;
}
diff --git a/ldap/servers/plugins/replication/cl5_test.c b/ldap/servers/plugins/replication/cl5_test.c
index 91cdef2..4bb83a7 100644
--- a/ldap/servers/plugins/replication/cl5_test.c
+++ b/ldap/servers/plugins/replication/cl5_test.c
@@ -838,7 +838,7 @@ static int populateChangelogOp ()
pb = slapi_pblock_new ();
cur_time = time (NULL);
PR_snprintf (newrdn, sizeof(newrdn), "cn=renamed%s", ctime(&cur_time));
- slapi_rename_internal_set_pb (pb, dn, newrdn, NULL, 1, NULL, NULL,
+ slapi_rename_internal_set_pb_ext (pb, dn, newrdn, NULL, 1, NULL, NULL,
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modrdn_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
diff --git a/ldap/servers/plugins/replication/legacy_consumer.c b/ldap/servers/plugins/replication/legacy_consumer.c
index a65c5e6..2440ce7 100644
--- a/ldap/servers/plugins/replication/legacy_consumer.c
+++ b/ldap/servers/plugins/replication/legacy_consumer.c
@@ -96,13 +96,14 @@ Slapi_RWLock *legacy_consumer_config_lock = NULL;
static PRBool
target_is_a_replica_root(Slapi_PBlock *pb, const Slapi_DN **root)
{
- char *dn;
- Slapi_DN *sdn;
- PRBool return_value;
+ Slapi_DN *sdn = NULL;
+ PRBool return_value = PR_FALSE;
Object *repl_obj;
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
- sdn = slapi_sdn_new_dn_byref(dn);
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ if (NULL == sdn) {
+ return return_value;
+ }
repl_obj = replica_get_replica_from_dn(sdn);
if (NULL != repl_obj)
{
@@ -116,7 +117,6 @@ target_is_a_replica_root(Slapi_PBlock *pb, const Slapi_DN **root)
*root = NULL;
return_value = PR_FALSE;
}
- slapi_sdn_free(&sdn);
return return_value;
}
@@ -492,7 +492,7 @@ legacy_consumer_read_config ()
int
-legacy_consumer_is_replicationdn(char *dn)
+legacy_consumer_is_replicationdn(const char *dn)
{
int return_value = 0; /* Assume not */
diff --git a/ldap/servers/plugins/replication/repl.h b/ldap/servers/plugins/replication/repl.h
index ca0fe05..433be34 100644
--- a/ldap/servers/plugins/replication/repl.h
+++ b/ldap/servers/plugins/replication/repl.h
@@ -405,7 +405,7 @@ int modrdn2reple( Slapi_Entry *e, char *newrdn, int deloldrdn, LDAPMod **ldm );
/* In legacy_consumer.c */
void process_legacy_cf(Slapi_PBlock *pb);
-int legacy_consumer_is_replicationdn(char *dn);
+int legacy_consumer_is_replicationdn(const char *dn);
int legacy_consumer_is_replicationpw(struct berval *creds);
int legacy_consumer_config_init();
diff --git a/ldap/servers/plugins/replication/repl5.h b/ldap/servers/plugins/replication/repl5.h
index 79465e4..b0c95d2 100644
--- a/ldap/servers/plugins/replication/repl5.h
+++ b/ldap/servers/plugins/replication/repl5.h
@@ -134,6 +134,8 @@
#define MAX_NUM_OF_MASTERS 64
#define REPL_SESSION_ID_SIZE 64
+#define REPL_GET_DN(addrp) slapi_sdn_get_dn((addrp)->sdn)
+
/* Attribute names for replication agreement attributes */
extern const char *type_nsds5ReplicaHost;
extern const char *type_nsds5ReplicaPort;
diff --git a/ldap/servers/plugins/replication/repl5_agmt.c b/ldap/servers/plugins/replication/repl5_agmt.c
index 61aa9ba..7bcec79 100644
--- a/ldap/servers/plugins/replication/repl5_agmt.c
+++ b/ldap/servers/plugins/replication/repl5_agmt.c
@@ -1729,8 +1729,7 @@ agmt_notify_change(Repl_Agmt *agmt, Slapi_PBlock *pb)
if (NULL != pb)
{
/* Is the entry within our replicated area? */
- char *target_dn;
- Slapi_DN *target_sdn;
+ Slapi_DN *target_sdn = NULL;
int change_is_relevant = 0;
PR_ASSERT(NULL != agmt);
@@ -1741,8 +1740,11 @@ agmt_notify_change(Repl_Agmt *agmt, Slapi_PBlock *pb)
return;
}
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &target_dn);
- target_sdn = slapi_sdn_new_dn_byref(target_dn); /* XXX see if you can avoid allocating this */
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &target_sdn);
+ if (NULL == target_sdn) {
+ PR_Unlock(agmt->lock);
+ return;
+ }
if (slapi_sdn_issuffix(target_sdn, agmt->replarea))
{
@@ -1799,7 +1801,6 @@ agmt_notify_change(Repl_Agmt *agmt, Slapi_PBlock *pb)
}
}
PR_Unlock(agmt->lock);
- slapi_sdn_free(&target_sdn);
if (change_is_relevant)
{
/* Notify the protocol that a change has occurred */
diff --git a/ldap/servers/plugins/replication/repl5_agmtlist.c b/ldap/servers/plugins/replication/repl5_agmtlist.c
index 8cc2cc3..8a98c21 100644
--- a/ldap/servers/plugins/replication/repl5_agmtlist.c
+++ b/ldap/servers/plugins/replication/repl5_agmtlist.c
@@ -184,10 +184,10 @@ agmtlist_add_callback(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *entryAfter,
rc = add_new_agreement(e);
if (0 != rc) {
- char *dn;
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
+ Slapi_DN *sdn = NULL;
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "agmtlist_add_callback: "
- "Can't start agreement \"%s\"\n", dn);
+ "Can't start agreement \"%s\"\n", slapi_sdn_get_dn(sdn));
*returncode = LDAP_UNWILLING_TO_PERFORM;
return SLAPI_DSE_CALLBACK_ERROR;
}
@@ -200,7 +200,6 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
int *returncode, char *returntext, void *arg)
{
int i;
- char *dn;
Slapi_DN *sdn = NULL;
int start_initialize = 0, stop_initialize = 0, cancel_initialize = 0;
int update_the_schedule = 0; /* do we need to update the repl sched? */
@@ -224,13 +223,18 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
goto done;
}
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
- sdn= slapi_sdn_new_dn_byref(dn);
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ if (NULL == sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
+ "agmtlist_modify_callback: NULL target dn\n");
+ goto done;
+ }
agmt = agmtlist_get_by_agmt_name(sdn);
if (NULL == agmt)
{
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "agmtlist_modify_callback: received "
- "a modification for unknown replication agreement \"%s\"\n", dn);
+ "a modification for unknown replication agreement \"%s\"\n",
+ slapi_sdn_get_dn(sdn));
goto done;
}
@@ -277,7 +281,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
if (strcasecmp (val, "start") == 0)
{
- start_initialize = 1;
+ start_initialize = 1;
}
else if (strcasecmp (val, "stop") == 0)
{
@@ -528,8 +532,6 @@ done:
agmtlist_release_agmt(agmt);
}
- if (sdn)
- slapi_sdn_free(&sdn);
return rc;
}
diff --git a/ldap/servers/plugins/replication/repl5_inc_protocol.c b/ldap/servers/plugins/replication/repl5_inc_protocol.c
index 0e05973..274a069 100644
--- a/ldap/servers/plugins/replication/repl5_inc_protocol.c
+++ b/ldap/servers/plugins/replication/repl5_inc_protocol.c
@@ -1423,7 +1423,7 @@ replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op, int *m
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: replay_update: Sending %s operation (dn=\"%s\" csn=%s)\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn, csn_str);
+ op2string(op->operation_type), REPL_GET_DN(&op->target_address), csn_str);
/* What type of operation is it? */
switch (op->operation_type)
{
@@ -1448,7 +1448,7 @@ replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op, int *m
{
repl5_strip_fractional_mods(prp->agmt,entryattrs);
}
- return_value = conn_send_add(prp->conn, op->target_address.dn,
+ return_value = conn_send_add(prp->conn, REPL_GET_DN(&op->target_address),
entryattrs, update_control, message_id);
ldap_mods_free(entryattrs, 1);
}
@@ -1460,18 +1460,18 @@ replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op, int *m
{
repl5_strip_fractional_mods(prp->agmt,op->p.p_modify.modify_mods);
}
- return_value = conn_send_modify(prp->conn, op->target_address.dn,
+ return_value = conn_send_modify(prp->conn, REPL_GET_DN(&op->target_address),
op->p.p_modify.modify_mods, update_control, message_id);
break;
case SLAPI_OPERATION_DELETE:
- return_value = conn_send_delete(prp->conn, op->target_address.dn,
+ return_value = conn_send_delete(prp->conn, REPL_GET_DN(&op->target_address),
update_control, message_id);
break;
case SLAPI_OPERATION_MODRDN:
/* XXXggood need to pass modrdn mods in update control! */
- return_value = conn_send_rename(prp->conn, op->target_address.dn,
+ return_value = conn_send_rename(prp->conn, REPL_GET_DN(&op->target_address),
op->p.p_modrdn.modrdn_newrdn,
- op->p.p_modrdn.modrdn_newsuperior_address.dn,
+ REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address),
op->p.p_modrdn.modrdn_deloldrdn,
update_control, message_id);
break;
diff --git a/ldap/servers/plugins/replication/repl5_init.c b/ldap/servers/plugins/replication/repl5_init.c
index 883c3e6..4e2464c 100644
--- a/ldap/servers/plugins/replication/repl5_init.c
+++ b/ldap/servers/plugins/replication/repl5_init.c
@@ -338,8 +338,8 @@ multimaster_betxnpostop_init( Slapi_PBlock *pb )
slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION, (void *)&multimasterbetxnpostopdesc ) != 0 ||
slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_MODRDN_FN, (void *) multimaster_betxnpostop_modrdn ) != 0 ||
slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_DELETE_FN, (void *) multimaster_betxnpostop_delete ) != 0 ||
- slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_ADD_FN, (void *) multimaster_betxnpostop_modrdn ) != 0 ||
- slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN, (void *) multimaster_betxnpostop_delete ) != 0 )
+ slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_ADD_FN, (void *) multimaster_betxnpostop_add ) != 0 ||
+ slapi_pblock_set( pb, SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN, (void *) multimaster_betxnpostop_modify ) != 0 )
{
slapi_log_error( SLAPI_LOG_PLUGIN, repl_plugin_name, "multimaster_betxnpostop_init failed\n" );
rc= -1;
diff --git a/ldap/servers/plugins/replication/repl5_mtnode_ext.c b/ldap/servers/plugins/replication/repl5_mtnode_ext.c
index 3043624..dd0d261 100644
--- a/ldap/servers/plugins/replication/repl5_mtnode_ext.c
+++ b/ldap/servers/plugins/replication/repl5_mtnode_ext.c
@@ -197,20 +197,19 @@ replica_get_replica_from_dn (const Slapi_DN *dn)
Object *replica_get_replica_for_op (Slapi_PBlock *pb)
{
- char *dn;
- Slapi_DN *sdn;
+ Slapi_DN *sdn = NULL;
Object *repl_obj = NULL;
if (pb)
{
/* get replica generation for this operation */
- slapi_pblock_get (pb, SLAPI_TARGET_DN, &dn);
- sdn = slapi_sdn_new_dn_byref(dn);
+ slapi_pblock_get (pb, SLAPI_TARGET_SDN, &sdn);
+ if (NULL == sdn) {
+ goto bail;
+ }
repl_obj = replica_get_replica_from_dn (sdn);
-
- slapi_sdn_free (&sdn);
}
-
+bail:
return repl_obj;
}
diff --git a/ldap/servers/plugins/replication/repl5_plugins.c b/ldap/servers/plugins/replication/repl5_plugins.c
index a036b0a..a0d45fb 100644
--- a/ldap/servers/plugins/replication/repl5_plugins.c
+++ b/ldap/servers/plugins/replication/repl5_plugins.c
@@ -1079,7 +1079,7 @@ write_changelog_and_ruv (Slapi_PBlock *pb)
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
"write_changelog_and_ruv: can't add a change for "
"%s (uniqid: %s, optype: %lu) to changelog csn %s\n",
- op_params->target_address.dn,
+ REPL_GET_DN(&op_params->target_address),
op_params->target_address.uniqueid,
op_params->operation_type,
csn_as_string(op_params->csn, PR_FALSE, csn_str));
diff --git a/ldap/servers/plugins/replication/repl5_replica.c b/ldap/servers/plugins/replication/repl5_replica.c
index 2a24f3e..b749848 100644
--- a/ldap/servers/plugins/replication/repl5_replica.c
+++ b/ldap/servers/plugins/replication/repl5_replica.c
@@ -1858,13 +1858,14 @@ static char*
_replica_get_config_dn (const Slapi_DN *root)
{
char *dn;
+ /* "cn=mapping tree,cn=config" */
const char *mp_base = slapi_get_mapping_tree_config_root ();
PR_ASSERT (root);
/* This function converts the old style DN to the new style. */
- dn = slapi_create_dn_string("%s,cn=\"%s\",%s",
- REPLICA_RDN, slapi_sdn_get_dn (root), mp_base);
+ dn = slapi_ch_smprintf("%s,cn=\"%s\",%s",
+ REPLICA_RDN, slapi_sdn_get_dn (root), mp_base);
return dn;
}
@@ -3120,7 +3121,7 @@ replica_log_ruv_elements_nolock (const Replica *r)
special target dn */
memset (&op_params, 0, sizeof (op_params));
op_params.operation_type = SLAPI_OPERATION_DELETE;
- op_params.target_address.dn = START_ITERATION_ENTRY_DN;
+ op_params.target_address.sdn = slapi_sdn_new_dn_byval(START_ITERATION_ENTRY_DN);
op_params.target_address.uniqueid = START_ITERATION_ENTRY_UNIQUEID;
op_params.csn = csn;
repl_gen = ruv_get_replica_generation (ruv);
@@ -3132,6 +3133,7 @@ replica_log_ruv_elements_nolock (const Replica *r)
rc = -1;
slapi_ch_free ((void**)&repl_gen);
+ slapi_sdn_free(&op_params.target_address.sdn);
csn_free (&csn);
}
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index e31078f..9b36e0d 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -878,10 +878,10 @@ replica_task_done(Replica *replica)
return rc;
}
/* dn: cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config */
- replica_dn = slapi_create_dn_string("%s,cn=\"%s\",%s",
- REPLICA_RDN,
- slapi_sdn_get_dn(replica_get_root(replica)),
- CONFIG_BASE);
+ replica_dn = slapi_ch_smprintf("%s,cn=\"%s\",%s",
+ REPLICA_RDN,
+ slapi_sdn_get_dn(replica_get_root(replica)),
+ CONFIG_BASE);
if (NULL == replica_dn) {
return rc;
}
diff --git a/ldap/servers/plugins/replication/repl_bind.c b/ldap/servers/plugins/replication/repl_bind.c
index a7eb78c..dbc77a6 100644
--- a/ldap/servers/plugins/replication/repl_bind.c
+++ b/ldap/servers/plugins/replication/repl_bind.c
@@ -51,13 +51,15 @@ int
legacy_preop_bind( Slapi_PBlock *pb )
{
int return_value = 0;
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
struct berval *cred = NULL;
int method;
slapi_pblock_get(pb, SLAPI_BIND_METHOD, &method);
- slapi_pblock_get(pb, SLAPI_BIND_TARGET, &dn);
+ slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn);
slapi_pblock_get(pb, SLAPI_BIND_CREDENTIALS, &cred);
+ dn = slapi_sdn_get_dn(sdn);
if (LDAP_AUTH_SIMPLE == method)
{
diff --git a/ldap/servers/plugins/replication/repl_compare.c b/ldap/servers/plugins/replication/repl_compare.c
index acb0d69..3e1878d 100644
--- a/ldap/servers/plugins/replication/repl_compare.c
+++ b/ldap/servers/plugins/replication/repl_compare.c
@@ -48,16 +48,20 @@ int
legacy_preop_compare( Slapi_PBlock *pb )
{
int is_replicated_operation = 0;
- char *compare_base = NULL;
struct berval **referral = NULL;
int return_code = 0;
- Slapi_DN *basesdn;
+ Slapi_DN *basesdn = NULL;
slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation);
- slapi_pblock_get(pb, SLAPI_COMPARE_TARGET, &compare_base);
- basesdn= slapi_sdn_new_dn_byref(compare_base);
- referral = get_data_source(pb, basesdn, 1, NULL);
- slapi_sdn_free(&basesdn);
+ slapi_pblock_get(pb, SLAPI_COMPARE_TARGET_SDN, &basesdn);
+ if (NULL == basesdn) {
+ slapi_send_ldap_result(pb, LDAP_OPERATIONS_ERROR, NULL,
+ "Null target DN", 0, NULL );
+
+ return_code = 1; /* return 1 to prevent further search processing */
+ goto bail;
+ }
+ referral = get_data_source(pb, basesdn, 1, NULL);
if (NULL != referral && !is_replicated_operation)
{
/*
@@ -68,5 +72,6 @@ legacy_preop_compare( Slapi_PBlock *pb )
return_code = 1; /* return 1 to prevent further search processing */
}
slapi_ch_free((void**)&referral);
+bail:
return return_code;
}
diff --git a/ldap/servers/plugins/replication/repl_connext.c b/ldap/servers/plugins/replication/repl_connext.c
index 0b46c5e..2969b15 100644
--- a/ldap/servers/plugins/replication/repl_connext.c
+++ b/ldap/servers/plugins/replication/repl_connext.c
@@ -97,7 +97,7 @@ void consumer_connection_extension_destructor (void *ext, void *object, void *pa
if (NULL != repl_root_sdn)
{
slapi_pblock_set(pb, SLAPI_CONNECTION, connext->connection);
- slapi_pblock_set(pb, SLAPI_TARGET_DN, (void*)slapi_sdn_get_dn(repl_root_sdn));
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, (void*)repl_root_sdn);
slapi_pblock_get(pb, SLAPI_CONN_ID, &connid);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"Aborting total update in progress for replicated "
diff --git a/ldap/servers/plugins/replication/repl_extop.c b/ldap/servers/plugins/replication/repl_extop.c
index ffbf2a9..2ff3627 100644
--- a/ldap/servers/plugins/replication/repl_extop.c
+++ b/ldap/servers/plugins/replication/repl_extop.c
@@ -947,7 +947,7 @@ multimaster_extop_StartNSDS50ReplicationRequest(Slapi_PBlock *pb)
* But what do we do if mapping tree could not be updated ? */
/* start the bulk import */
- slapi_pblock_set (pb, SLAPI_TARGET_DN, repl_root);
+ slapi_pblock_set (pb, SLAPI_TARGET_SDN, repl_root_sdn);
rc = slapi_start_bulk_import (pb);
if (rc != LDAP_SUCCESS)
{
@@ -1090,10 +1090,8 @@ send_response:
slapi_ch_free((void **)&replicacsnstr);
/* repl_root_sdn */
- if (NULL != repl_root_sdn)
- {
- slapi_sdn_free(&repl_root_sdn);
- }
+ slapi_sdn_free(&repl_root_sdn);
+
if (NSDS50_REPL_REPLICA_READY != response)
{
/*
@@ -1163,6 +1161,7 @@ multimaster_extop_EndNSDS50ReplicationRequest(Slapi_PBlock *pb)
{
int return_value = SLAPI_PLUGIN_EXTENDED_NOT_HANDLED;
char *repl_root = NULL;
+ Slapi_DN *repl_root_sdn = NULL;
BerElement *resp_bere = NULL;
struct berval *resp_bval = NULL;
ber_int_t response;
@@ -1208,8 +1207,16 @@ multimaster_extop_EndNSDS50ReplicationRequest(Slapi_PBlock *pb)
enabled again */
replica_set_state_flag(r, REPLICA_TOTAL_IN_PROGRESS, PR_TRUE /* clear flag */);
- slapi_pblock_set (pb, SLAPI_TARGET_DN, repl_root);
- slapi_stop_bulk_import (pb);
+ /* slapi_pblock_set (pb, SLAPI_TARGET_DN, repl_root); */
+ /* Verify that repl_root names a valid replicated area */
+ if ((repl_root_sdn = slapi_sdn_new_dn_byref(repl_root)) == NULL)
+ {
+ response = NSDS50_REPL_INTERNAL_ERROR;
+ goto send_response;
+ }
+ slapi_pblock_set (pb, SLAPI_TARGET_SDN, repl_root_sdn);
+
+ slapi_stop_bulk_import (pb);
/* ONREPL - this is a bit of a hack. Once bulk import is finished,
the replication function that responds to backend state change
@@ -1273,7 +1280,7 @@ multimaster_extop_EndNSDS50ReplicationRequest(Slapi_PBlock *pb)
goto free_and_return;
}
}
-
+send_response:
/* Send the response code */
if ((resp_bere = der_alloc()) == NULL)
{
@@ -1291,6 +1298,8 @@ free_and_return:
/* repl_root */
slapi_ch_free((void **)&repl_root);
+ slapi_sdn_free(&repl_root_sdn);
+
/* BerElement */
if (NULL != resp_bere)
{
diff --git a/ldap/servers/plugins/replication/replutil.c b/ldap/servers/plugins/replication/replutil.c
index b828a2a..d0fc1cc 100644
--- a/ldap/servers/plugins/replication/replutil.c
+++ b/ldap/servers/plugins/replication/replutil.c
@@ -523,7 +523,7 @@ IsValidOperation (const slapi_operation_parameters *op)
return PR_FALSE;
}
- if (op->target_address.dn == NULL)
+ if (op->target_address.sdn == NULL)
{
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
"IsValidOperation: NULL entry DN\n");
diff --git a/ldap/servers/plugins/replication/urp.c b/ldap/servers/plugins/replication/urp.c
index 9410423..01cd2c1 100644
--- a/ldap/servers/plugins/replication/urp.c
+++ b/ldap/servers/plugins/replication/urp.c
@@ -59,7 +59,6 @@ static int mod_namingconflict_attr (const char *uniqueid, const char*entrydn, co
static int del_replconflict_attr (Slapi_Entry *entry, CSN *opcsn, int opflags);
static char *get_dn_plus_uniqueid(char *sessionid,const char *olddn,const char *uniqueid);
static char *get_rdn_plus_uniqueid(char *sessionid,const char *olddn,const char *uniqueid);
-static void set_pblock_dn (Slapi_PBlock* pb,int pblock_parameter,char *newdn);
static int is_suffix_entry (Slapi_PBlock *pb, Slapi_Entry *entry, Slapi_DN **parenddn);
/*
@@ -122,7 +121,8 @@ urp_add_operation( Slapi_PBlock *pb )
char sessionid[REPL_SESSION_ID_SIZE];
int r;
int op_result= 0;
- int rc= 0; /* OK */
+ int rc= 0; /* OK */
+ Slapi_DN *sdn = NULL;
if ( slapi_op_abandoned(pb) )
{
@@ -206,8 +206,14 @@ urp_add_operation( Slapi_PBlock *pb )
*/
slapi_value_set_string (*vals, buf);
}
- slapi_entry_set_dn (addentry,slapi_ch_strdup(newdn));
- set_pblock_dn(pb,SLAPI_ADD_TARGET,newdn); /* consumes newdn */
+ /* slapi_pblock_get(pb, SLAPI_ADD_TARGET, &dn); */
+ slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+
+ slapi_entry_set_normdn(addentry, newdn); /* dn: passin */
+
+ sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(addentry));
+ slapi_pblock_set(pb, SLAPI_ADD_TARGET_SDN, sdn);
rdn = slapi_rdn_new_sdn ( slapi_entry_get_sdn_const(addentry) );
slapi_log_error (slapi_log_urp, sessionid,
@@ -265,7 +271,6 @@ urp_modrdn_operation( Slapi_PBlock *pb )
Slapi_Entry *parent_entry;
Slapi_Entry *new_parent_entry;
Slapi_DN *newsuperior = NULL;
- char *newsuperiordn;
Slapi_DN *parentdn = NULL;
Slapi_Entry *target_entry;
Slapi_Entry *existing_entry;
@@ -319,7 +324,7 @@ urp_modrdn_operation( Slapi_PBlock *pb )
slapi_pblock_get(pb, SLAPI_TARGET_UNIQUEID, &op_uniqueid);
slapi_pblock_get(pb, SLAPI_MODRDN_PARENT_ENTRY, &parent_entry);
slapi_pblock_get(pb, SLAPI_MODRDN_NEWPARENT_ENTRY, &new_parent_entry);
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperiordn);
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior);
if ( is_tombstone_entry (target_entry) )
{
@@ -413,7 +418,7 @@ urp_modrdn_operation( Slapi_PBlock *pb )
goto bailout;
}
mod_namingconflict_attr (op_uniqueid, target_dn, existing_dn, opcsn);
- set_pblock_dn (pb, SLAPI_MODRDN_NEWRDN, newrdn_with_uniqueid);
+ slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, newrdn_with_uniqueid);
slapi_log_error(slapi_log_urp, sessionid,
"Naming conflict MODRDN. Rename target entry to %s\n",
newrdn_with_uniqueid );
@@ -474,12 +479,12 @@ urp_modrdn_operation( Slapi_PBlock *pb )
/* The new superior entry doesn't exist */
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperiordn);
- if(newsuperiordn == NULL)
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior);
+ if(newsuperior == NULL)
{
/* (new_parent_entry==NULL && newsuperiordn==NULL)
* This is ok - SLAPI_MODRDN_NEWPARENT_ENTRY will
- * only be set if SLAPI_MODRDN_NEWSUPERIOR was
+ * only be set if SLAPI_MODRDN_NEWSUPERIOR_SDN was
* suplied by the client. If it wasn't, we're just
* changing the RDN of the entry. In that case,
* if the entry exists, its parent won't change
@@ -491,10 +496,9 @@ urp_modrdn_operation( Slapi_PBlock *pb )
goto bailout;
}
- newsuperior= slapi_sdn_new_dn_byval(newsuperiordn);
-
- if((0 == slapi_sdn_compare (slapi_entry_get_sdn(parent_entry), newsuperior)) ||
- is_suffix_dn (pb, newsuperior, &parentdn) )
+ if((0 == slapi_sdn_compare(slapi_entry_get_sdn(parent_entry),
+ newsuperior)) ||
+ is_suffix_dn (pb, newsuperior, &parentdn) )
{
/*
* The new superior is the same as the current one, or
@@ -521,7 +525,8 @@ urp_modrdn_operation( Slapi_PBlock *pb )
* admin intercession
*/
slapi_log_error( SLAPI_LOG_FATAL, sessionid,
- "Parent %s couldn't be found, nor recreated as a glue entry\n", newsuperiordn );
+ "Parent %s couldn't be found, nor recreated as a glue entry\n",
+ slapi_sdn_get_dn(newsuperior) );
op_result= LDAP_OPERATIONS_ERROR;
slapi_pblock_set(pb, SLAPI_RESULT_CODE, &op_result);
rc = -1;
@@ -542,8 +547,6 @@ bailout:
}
if ( parentdn )
slapi_sdn_free(&parentdn);
- if ( newsuperior )
- slapi_sdn_free(&newsuperior);
return rc;
}
@@ -761,9 +764,9 @@ urp_fixup_rename_entry (Slapi_Entry *entry, const char *newrdn, int opflags)
* Must mark this operation as replicated,
* so that the frontend doesn't add extra attributes.
*/
- slapi_rename_internal_set_pb (
+ slapi_rename_internal_set_pb_ext (
newpb,
- slapi_entry_get_dn_const (entry),
+ slapi_entry_get_sdn_const (entry),
newrdn, /*NewRDN*/
NULL, /*NewSuperior*/
0, /* !Delete Old RDNS */
@@ -852,6 +855,7 @@ urp_add_resolve_parententry (Slapi_PBlock *pb, char *sessionid, Slapi_Entry *ent
char *newdn = NULL;
int ldap_rc;
int rc = 0;
+ Slapi_DN *sdn = NULL;
if( is_suffix_entry (pb, entry, &parentdn) )
{
@@ -928,8 +932,15 @@ urp_add_resolve_parententry (Slapi_PBlock *pb, char *sessionid, Slapi_Entry *ent
*/
add_rdn = slapi_rdn_new_dn(slapi_entry_get_dn_const (entry));
newdn = slapi_dn_plus_rdn(slapi_entry_get_dn_const (parententry), slapi_rdn_get_rdn(add_rdn));
- slapi_entry_set_dn ( entry,slapi_ch_strdup(newdn));
- set_pblock_dn (pb,SLAPI_ADD_TARGET,newdn); /* consumes newdn */
+ slapi_entry_set_normdn ( entry, newdn );
+
+ /* slapi_pblock_get(pb, SLAPI_ADD_TARGET, &dn); */
+ slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+
+ sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(entry));
+ slapi_pblock_set(pb, SLAPI_ADD_TARGET_SDN, sdn);
+
slapi_log_error ( slapi_log_urp, sessionid,
"Parent was renamed. Renamed the child to %s\n", newdn );
rc= slapi_setbit_int(rc,SLAPI_RTN_BIT_FETCH_EXISTING_DN_ENTRY);
@@ -1240,15 +1251,6 @@ get_rdn_plus_uniqueid(char *sessionid, const char *olddn, const char *uniqueid)
return newrdn;
}
-static void
-set_pblock_dn (Slapi_PBlock* pb,int pblock_parameter,char *newdn)
-{
- char *olddn;
- slapi_pblock_get( pb, pblock_parameter, &olddn );
- slapi_ch_free((void**)&olddn);
- slapi_pblock_set( pb, pblock_parameter, newdn );
-}
-
static int
is_suffix_entry ( Slapi_PBlock *pb, Slapi_Entry *entry, Slapi_DN **parentdn )
{
diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c
index 771475b..7e61ff4 100644
--- a/ldap/servers/plugins/replication/windows_protocol_util.c
+++ b/ldap/servers/plugins/replication/windows_protocol_util.c
@@ -1296,8 +1296,9 @@ process_replay_rename(Private_Repl_Protocol *prp,
remote_subtree?remote_subtree:"empty");
goto bail;
}
+ /* newparent is already normzlized; just ignore the case */
norm_newparent = slapi_ch_strdup(newparent);
- slapi_dn_normalize_case(norm_newparent);
+ slapi_dn_ignore_case(norm_newparent);
p = strstr(norm_newparent, local_subtree);
if (NULL == p) {
slapi_log_error(SLAPI_LOG_FATAL, windows_repl_plugin_name,
@@ -1389,7 +1390,7 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
LDAPDebug( LDAP_DEBUG_TRACE, "=> windows_replay_update\n", 0, 0, 0 );
- local_dn = slapi_sdn_new_dn_byref( op->target_address.dn );
+ local_dn = slapi_sdn_dup( op->target_address.sdn );
/* Since we have the target uniqueid in the op structure, let's
* fetch the local entry here using it. We do not want to search
@@ -1415,7 +1416,8 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
"%s: windows_replay_update: failed to fetch local entry "
"for %s operation dn=\"%s\"\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn);
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address));
goto error;
}
op->operation_type = SLAPI_OPERATION_DELETE;
@@ -1427,12 +1429,14 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
"%s: windows_replay_update: failed to fetch local entry for %s operation dn=\"%s\"\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn);
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address));
} else {
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: windows_replay_update: Looking at %s operation local dn=\"%s\" (%s)\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn, "ours");
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address), "ours");
}
/* Just bail on this change. We don't want to do any
* further checks since we don't have a local entry. */
@@ -1450,7 +1454,8 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: windows_replay_update: Looking at %s operation local dn=\"%s\" (%s,%s,%s)\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn, is_ours ? "ours" : "not ours",
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address), is_ours ? "ours" : "not ours",
is_user ? "user" : "not user", is_group ? "group" : "not group");
if (is_ours && (is_user || is_group) ) {
@@ -1463,14 +1468,16 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
"%s: windows_replay_update: failed map dn for %s operation dn=\"%s\""
"rc=%d remote_dn = [%s]\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn,
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address),
rc, remote_dn ? slapi_sdn_get_dn(remote_dn) : "(null)");
goto error;
}
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: windows_replay_update: Processing %s operation local dn=\"%s\" remote dn=\"%s\"\n",
agmt_get_long_name(prp->agmt),
- op2string(op->operation_type), op->target_address.dn, slapi_sdn_get_dn(remote_dn));
+ op2string(op->operation_type),
+ REPL_GET_DN(&op->target_address), slapi_sdn_get_dn(remote_dn));
switch (op->operation_type) {
case SLAPI_OPERATION_ADD:
return_value = process_replay_add(prp,op->p.p_add.target_entry,local_entry,local_dn,remote_dn,is_user,missing_entry,&password);
@@ -1584,7 +1591,7 @@ windows_replay_update(Private_Repl_Protocol *prp, slapi_operation_parameters *op
{
return_value = process_replay_rename(prp, local_entry, local_dn,
op->p.p_modrdn.modrdn_newrdn,
- op->p.p_modrdn.modrdn_newsuperior_address.dn,
+ REPL_GET_DN(&op->p.p_modrdn.modrdn_newsuperior_address),
op->p.p_modrdn.modrdn_deloldrdn,
is_user, is_group);
if (CONN_OPERATION_FAILED == return_value) {
@@ -4446,6 +4453,7 @@ windows_update_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,
Slapi_PBlock *pb = NULL;
int do_modify = 0;
char *newsuperior = NULL;
+ Slapi_DN newsuperior_sdn;
const char *newrdn = NULL;
int is_user = 0, is_group = 0;
const char *newdn = NULL;
@@ -4494,13 +4502,15 @@ windows_update_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,
slapi_log_error(SLAPI_LOG_REPL, windows_repl_plugin_name, "renaming entry \"%s\" - "
"(newrdn: \"%s\", newsuperior: \"%s\"\n", newdn,
newrdn ? newrdn:"NULL", newsuperior ? newsuperior:"NULL");
- slapi_rename_internal_set_pb (pb,
- slapi_sdn_get_dn(slapi_entry_get_sdn(local_entry)),
- newrdn, newsuperior, 1 /* delete old RDNS */,
+ slapi_sdn_init_dn_byref(&newsuperior_sdn, newsuperior);
+ slapi_rename_internal_set_pb_ext (pb,
+ slapi_entry_get_sdn(local_entry),
+ newrdn, &newsuperior_sdn, 1 /* delete old RDNS */,
NULL /* controls */, NULL /* uniqueid */,
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modrdn_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &retval);
+ slapi_sdn_done(&newsuperior_sdn);
slapi_pblock_destroy (pb);
if (LDAP_SUCCESS != retval) {
slapi_log_error(SLAPI_LOG_FATAL, windows_repl_plugin_name,
diff --git a/ldap/servers/plugins/retrocl/retrocl_po.c b/ldap/servers/plugins/retrocl/retrocl_po.c
index 96be617..29ce79f 100644
--- a/ldap/servers/plugins/retrocl/retrocl_po.c
+++ b/ldap/servers/plugins/retrocl/retrocl_po.c
@@ -567,7 +567,7 @@ int retrocl_postob (Slapi_PBlock *pb,int optype)
Slapi_Operation *op = NULL;
LDAPMod **modrdn_mods = NULL;
char *newrdn = NULL;
- char *newsuperior = NULL;
+ Slapi_DN *newsuperior = NULL;
Slapi_Backend *be = NULL;
time_t curtime;
int rc;
@@ -641,7 +641,7 @@ int retrocl_postob (Slapi_PBlock *pb,int optype)
(void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
(void)slapi_pblock_get( pb, SLAPI_MODRDN_DELOLDRDN, &flag );
(void)slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &modrdn_mods );
- (void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior);
+ (void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperior );
break;
}
@@ -649,9 +649,7 @@ int retrocl_postob (Slapi_PBlock *pb,int optype)
/* check if we should log change to retro changelog, and
* if so, do it here */
write_replog_db( pb, optype, dn, log_m, flag, curtime, te,
- newrdn, modrdn_mods, newsuperior );
+ newrdn, modrdn_mods, slapi_sdn_get_dn(newsuperior) );
return 0;
}
-
-
diff --git a/ldap/servers/plugins/roles/roles_cache.c b/ldap/servers/plugins/roles/roles_cache.c
index 912185d..83d3292 100644
--- a/ldap/servers/plugins/roles/roles_cache.c
+++ b/ldap/servers/plugins/roles/roles_cache.c
@@ -785,7 +785,8 @@ static int roles_cache_is_role_entry(struct slapi_entry *entry)
*/
void roles_cache_change_notify(Slapi_PBlock *pb)
{
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
struct slapi_entry *e = NULL;
struct slapi_entry *pre = NULL;
struct slapi_entry *entry = NULL;
@@ -814,10 +815,10 @@ void roles_cache_change_notify(Slapi_PBlock *pb)
return;
}
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
- if( dn == NULL )
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ if( sdn == NULL )
{
- return;
+ return;
}
slapi_pblock_get (pb, SLAPI_OPERATION, &pb_operation);
@@ -932,6 +933,7 @@ if ( e != NULL )
if ( top_suffix != NULL )
{
+ dn = slapi_sdn_get_dn(sdn);
roles_cache_trigger_update_role( slapi_ch_strdup(dn), entry,
top_suffix,
operation);
diff --git a/ldap/servers/plugins/statechange/statechange.c b/ldap/servers/plugins/statechange/statechange.c
index 3489fba..0653eed 100644
--- a/ldap/servers/plugins/statechange/statechange.c
+++ b/ldap/servers/plugins/statechange/statechange.c
@@ -232,7 +232,8 @@ static int statechange_post_op( Slapi_PBlock *pb, int modtype )
{
SCNotify *notify = head;
int execute;
- char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ char *ndn = NULL;
struct slapi_entry *e_before = NULL;
struct slapi_entry *e_after = NULL;
@@ -246,13 +247,13 @@ static int statechange_post_op( Slapi_PBlock *pb, int modtype )
slapi_lock_mutex(buffer_lock);
if(head)
{
- if(slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn ))
- {
- slapi_log_error( SLAPI_LOG_FATAL, SCN_PLUGIN_SUBSYSTEM, "statechange_post_op: failed to get dn of changed entry");
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ if (NULL == sdn) {
+ slapi_log_error( SLAPI_LOG_FATAL, SCN_PLUGIN_SUBSYSTEM,
+ "statechange_post_op: failed to get dn of changed entry" );
goto bail;
}
-
- slapi_dn_normalize( dn );
+ ndn = (char *)slapi_sdn_get_ndn(sdn);
slapi_pblock_get( pb, SLAPI_ENTRY_PRE_OP, &e_before );
slapi_pblock_get( pb, SLAPI_ENTRY_POST_OP, &e_after );
@@ -264,7 +265,7 @@ static int statechange_post_op( Slapi_PBlock *pb, int modtype )
/* first dn */
if(notify->dn)
{
- if(0 != slapi_dn_issuffix(dn, notify->dn))
+ if(0 != slapi_dn_issuffix(ndn, notify->dn))
execute = 1;
}
else
@@ -290,9 +291,9 @@ static int statechange_post_op( Slapi_PBlock *pb, int modtype )
if(execute)
{
if(e_after)
- (notify->func)(e_after, dn, modtype, pb, notify->caller_data);
+ (notify->func)(e_after, ndn, modtype, pb, notify->caller_data);
else
- (notify->func)(e_before, dn, modtype, pb, notify->caller_data);
+ (notify->func)(e_before, ndn, modtype, pb, notify->caller_data);
}
notify = notify->next;
diff --git a/ldap/servers/plugins/uiduniq/7bit.c b/ldap/servers/plugins/uiduniq/7bit.c
index f6120d6..3e0b921 100644
--- a/ldap/servers/plugins/uiduniq/7bit.c
+++ b/ldap/servers/plugins/uiduniq/7bit.c
@@ -233,13 +233,14 @@ preop_add(Slapi_PBlock *pb)
int argc;
char **argv;
char **attrName;
- char *dn;
+ const char *dn;
+ Slapi_DN *sdn = NULL;
Slapi_Entry *e;
Slapi_Attr *attr;
char **firstSubtree;
char **subtreeDN;
int subtreeCnt;
- int is_replicated_operation;
+ int is_replicated_operation;
/*
* Get the arguments
@@ -263,9 +264,11 @@ preop_add(Slapi_PBlock *pb)
/*
* Get the target DN for this add operation
*/
- err = slapi_pblock_get(pb, SLAPI_ADD_TARGET, &dn);
+ err = slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
if (err) { result = op_error(50); break; }
+ dn = slapi_sdn_get_dn(sdn);
+
#ifdef DEBUG
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name, "ADD target=%s\n", dn);
#endif
@@ -278,7 +281,7 @@ preop_add(Slapi_PBlock *pb)
if (err) { result = op_error(51); break; }
for ( firstSubtree = argv; strcmp(*firstSubtree, ",") != 0;
- firstSubtree++, argc--) {}
+ firstSubtree++, argc--) {}
firstSubtree++;
argc--;
@@ -304,7 +307,7 @@ preop_add(Slapi_PBlock *pb)
* the target DN is a subnode in the tree.
*/
for( subtreeDN=firstSubtree, subtreeCnt=argc ;subtreeCnt > 0;
- subtreeCnt--,subtreeDN++)
+ subtreeCnt--,subtreeDN++)
{
/*
* issuffix determines whether the target is under the
@@ -378,7 +381,8 @@ preop_modify(Slapi_PBlock *pb)
LDAPMod **mods;
LDAPMod **firstMods;
LDAPMod *mod;
- char *target;
+ const char *target;
+ Slapi_DN *target_sdn = NULL;
char **firstSubtree;
char **subtreeDN;
int subtreeCnt;
@@ -407,9 +411,10 @@ preop_modify(Slapi_PBlock *pb)
if (err) { result = op_error(10); break; }
/* Get the target DN */
- err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET, &target);
+ err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET_SDN, &target_sdn);
if (err) { result = op_error(11); break; }
+ target = slapi_sdn_get_dn(target_sdn);
/*
* Look for managed trees that include the target
* Arguments before "," are the 7-bit clean attribute names. Arguemnts
@@ -538,14 +543,14 @@ preop_modrdn(Slapi_PBlock *pb)
int argc;
char **argv;
char **attrName;
- char *target;
- char *superior;
+ Slapi_DN *target_sdn = NULL;
+ Slapi_DN *superior;
char *rdn;
Slapi_Attr *attr;
char **firstSubtree;
char **subtreeDN;
int subtreeCnt;
- int is_replicated_operation;
+ int is_replicated_operation;
/*
* Get the arguments
@@ -567,11 +572,11 @@ preop_modrdn(Slapi_PBlock *pb)
}
/* Get the DN of the entry being renamed */
- err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET, &target);
+ err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &target_sdn);
if (err) { result = op_error(22); break; }
/* Get superior value - unimplemented in 3.0 DS */
- err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &superior);
+ err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &superior);
if (err) { result = op_error(20); break; }
/*
@@ -579,7 +584,7 @@ preop_modrdn(Slapi_PBlock *pb)
* its current level in the tree. Use the target DN for
* determining which managed tree this belongs to
*/
- if (!superior) superior = target;
+ if (!superior) superior = target_sdn;
/* Get the new RDN - this has the attribute values */
err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &rdn);
@@ -649,7 +654,7 @@ preop_modrdn(Slapi_PBlock *pb)
* issuffix determines whether the target is under the
* subtree *subtreeDN
*/
- if (slapi_dn_issuffix(superior, *subtreeDN))
+ if (slapi_dn_issuffix(slapi_sdn_get_dn(superior), *subtreeDN))
{
#ifdef DEBUG
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name,
@@ -692,6 +697,7 @@ NS7bitAttr_Init(Slapi_PBlock *pb)
int argc;
char **argv;
+
/* Declare plugin version */
err = slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION,
SLAPI_PLUGIN_VERSION_01);
@@ -716,8 +722,11 @@ NS7bitAttr_Init(Slapi_PBlock *pb)
if (argc == 0) { err = -1; break; }
argv++; argc--;
- for(;argc > 0;argc--, argv++)
- slapi_dn_normalize_case(*argv);
+ for(;argc > 0;argc--, argv++) {
+ char *normdn = slapi_create_dn_string_case("%s", *argv);
+ slapi_ch_free_string(argv);
+ *argv = normdn;
+ }
/* Provide descriptive information */
err = slapi_pblock_set(pb, SLAPI_PLUGIN_DESCRIPTION,
diff --git a/ldap/servers/plugins/uiduniq/uid.c b/ldap/servers/plugins/uiduniq/uid.c
index 92eefa0..8bd5e17 100644
--- a/ldap/servers/plugins/uiduniq/uid.c
+++ b/ldap/servers/plugins/uiduniq/uid.c
@@ -340,28 +340,18 @@ search_one_berval(const char *baseDN, const char *attrName,
*/
for(;*entries;entries++)
{
- char *dn = slapi_entry_get_dn(*entries);
-
- /*
- * DNs are returned in the original value used to insert
- * the entry. This must be "normalized" for comparison.
- *
- * This normalization is done "in-place" (modifying the value
- * in the entry). This is OK, since this is the only user
- * of this copy of the entry.
- */
- slapi_dn_normalize_case(dn);
+ char *ndn = slapi_entry_get_ndn(*entries); /* get the normalized dn */
#ifdef DEBUG
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name,
- "SEARCH entry dn=%s\n", dn);
+ "SEARCH entry dn=%s\n", ndn);
#endif
/*
* It is a Constraint Violation if any entry is found, unless
* the entry is the target entry (if any).
*/
- if (!target || strcmp(dn, target) != 0)
+ if (!target || strcmp(ndn, target) != 0)
{
result = LDAP_CONSTRAINT_VIOLATION;
break;
@@ -557,7 +547,8 @@ preop_add(Slapi_PBlock *pb)
int err;
char *markerObjectClass = NULL;
char *requiredObjectClass = NULL;
- char *dn;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
int isupdatedn;
Slapi_Entry *e;
Slapi_Attr *attr;
@@ -582,7 +573,7 @@ preop_add(Slapi_PBlock *pb)
if (UNTAGGED_PARAMETER == result)
{
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name,
- "ADD parameter untagged: %s\n", attrName);
+ "ADD parameter untagged: %s\n", attrName);
result = LDAP_SUCCESS;
/* Statically defined subtrees to monitor */
err = slapi_pblock_get(pb, SLAPI_PLUGIN_ARGC, &argc);
@@ -599,9 +590,11 @@ preop_add(Slapi_PBlock *pb)
/*
* Get the target DN for this add operation
*/
- err = slapi_pblock_get(pb, SLAPI_ADD_TARGET, &dn);
+ err = slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
if (err) { result = uid_op_error(51); break; }
+ dn = slapi_sdn_get_dn(sdn);
+
#ifdef DEBUG
slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name, "ADD target=%s\n", dn);
#endif
@@ -636,7 +629,7 @@ preop_add(Slapi_PBlock *pb)
if (NULL != markerObjectClass)
{
/* Subtree defined by location of marker object class */
- result = findSubtreeAndSearch(dn, attrName, attr, NULL,
+ result = findSubtreeAndSearch((char *)dn, attrName, attr, NULL,
requiredObjectClass, dn,
markerObjectClass);
} else
@@ -710,7 +703,8 @@ preop_modify(Slapi_PBlock *pb)
int modcount = 0;
int ii;
LDAPMod *mod;
- char *dn;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
int isupdatedn;
int argc;
char **argv = NULL;
@@ -763,53 +757,57 @@ preop_modify(Slapi_PBlock *pb)
/* find out how many mods meet this criteria */
for(;*mods;mods++)
{
- mod = *mods;
- if ((slapi_attr_type_cmp(mod->mod_type, attrName, 1) == 0) && /* mod contains target attr */
- (mod->mod_op & LDAP_MOD_BVALUES) && /* mod is bval encoded (not string val) */
- (mod->mod_bvalues && mod->mod_bvalues[0]) && /* mod actually contains some values */
- (SLAPI_IS_MOD_ADD(mod->mod_op) || /* mod is add */
- SLAPI_IS_MOD_REPLACE(mod->mod_op))) /* mod is replace */
- {
- addMod(&checkmods, &checkmodsCapacity, &modcount, mod);
- }
+ mod = *mods;
+ if ((slapi_attr_type_cmp(mod->mod_type, attrName, 1) == 0) && /* mod contains target attr */
+ (mod->mod_op & LDAP_MOD_BVALUES) && /* mod is bval encoded (not string val) */
+ (mod->mod_bvalues && mod->mod_bvalues[0]) && /* mod actually contains some values */
+ (SLAPI_IS_MOD_ADD(mod->mod_op) || /* mod is add */
+ SLAPI_IS_MOD_REPLACE(mod->mod_op))) /* mod is replace */
+ {
+ addMod(&checkmods, &checkmodsCapacity, &modcount, mod);
+ }
}
if (modcount == 0) {
- break; /* no mods to check, we are done */
+ break; /* no mods to check, we are done */
}
/* Get the target DN */
- err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET, &dn);
+ err = slapi_pblock_get(pb, SLAPI_MODIFY_TARGET_SDN, &sdn);
if (err) { result = uid_op_error(11); break; }
- /*
- * Check if it has the required object class
- */
- if (requiredObjectClass &&
- !(spb = dnHasObjectClass(dn, requiredObjectClass))) { break; }
+ dn = slapi_sdn_get_dn(sdn);
+ /*
+ * Check if it has the required object class
+ */
+ if (requiredObjectClass &&
+ !(spb = dnHasObjectClass(dn, requiredObjectClass))) {
+ break;
+ }
- /*
- * Passed all the requirements - this is an operation we
- * need to enforce uniqueness on. Now find all parent entries
- * with the marker object class, and do a search for each one.
- */
- /*
- * stop checking at first mod that fails the check
- */
- for (ii = 0; (result == 0) && (ii < modcount); ++ii)
- {
- mod = checkmods[ii];
- if (NULL != markerObjectClass)
- {
- /* Subtree defined by location of marker object class */
- result = findSubtreeAndSearch(dn, attrName, NULL, mod->mod_bvalues,
- requiredObjectClass, dn, markerObjectClass);
- } else
- {
- /* Subtrees listed on invocation line */
- result = searchAllSubtrees(argc, argv, attrName, NULL,
- mod->mod_bvalues, requiredObjectClass, dn);
- }
- }
+ /*
+ * Passed all the requirements - this is an operation we
+ * need to enforce uniqueness on. Now find all parent entries
+ * with the marker object class, and do a search for each one.
+ */
+ /*
+ * stop checking at first mod that fails the check
+ */
+ for (ii = 0; (result == 0) && (ii < modcount); ++ii)
+ {
+ mod = checkmods[ii];
+ if (NULL != markerObjectClass)
+ {
+ /* Subtree defined by location of marker object class */
+ result = findSubtreeAndSearch((char *)dn, attrName, NULL,
+ mod->mod_bvalues, requiredObjectClass,
+ dn, markerObjectClass);
+ } else
+ {
+ /* Subtrees listed on invocation line */
+ result = searchAllSubtrees(argc, argv, attrName, NULL,
+ mod->mod_bvalues, requiredObjectClass, dn);
+ }
+ }
END
slapi_ch_free((void **)&checkmods);
@@ -846,7 +844,6 @@ preop_modrdn(Slapi_PBlock *pb)
{
int result = LDAP_SUCCESS;
Slapi_Entry *e = NULL;
- Slapi_DN *sdn = NULL;
Slapi_Value *sv_requiredObjectClass = NULL;
char *errtext = NULL;
char *attrName = NULL;
@@ -860,8 +857,9 @@ preop_modrdn(Slapi_PBlock *pb)
int err;
char *markerObjectClass=NULL;
char *requiredObjectClass=NULL;
- char *dn;
- char *superior;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ Slapi_DN *superior;
char *rdn;
int deloldrdn = 0;
int isupdatedn;
@@ -907,14 +905,13 @@ preop_modrdn(Slapi_PBlock *pb)
}
/* Get the DN of the entry being renamed */
- err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET, &dn);
+ err = slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &sdn);
if (err) { result = uid_op_error(31); break; }
- /* Create a Slapi_DN to use for searching. */
- sdn = slapi_sdn_new_dn_byref(dn);
+ dn = slapi_sdn_get_dn(sdn);
/* Get superior value - unimplemented in 3.0/4.0/5.0 DS */
- err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &superior);
+ err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &superior);
if (err) { result = uid_op_error(32); break; }
/*
@@ -922,7 +919,7 @@ preop_modrdn(Slapi_PBlock *pb)
* its current level in the tree. Use the target DN for
* determining which managed tree this belongs to
*/
- if (!superior) superior = dn;
+ if (!superior) superior = sdn;
/* Get the new RDN - this has the attribute values */
err = slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &rdn);
@@ -949,7 +946,7 @@ preop_modrdn(Slapi_PBlock *pb)
}
/* Apply the rename operation to the dummy entry. */
- err = slapi_entry_rename(e, rdn, deloldrdn, superior);
+ err = slapi_entry_rename(e, rdn, deloldrdn, slapi_sdn_get_dn(superior));
if (err != LDAP_SUCCESS) { result = uid_op_error(36); break; }
/*
@@ -983,7 +980,6 @@ preop_modrdn(Slapi_PBlock *pb)
}
END
/* Clean-up */
- slapi_sdn_free(&sdn);
slapi_value_free(&sv_requiredObjectClass);
if (e) slapi_entry_free(e);
@@ -1048,8 +1044,11 @@ NSUniqueAttr_Init(Slapi_PBlock *pb)
if (argc < 1) { err = -1; break; }
argv++; argc--;
- for(;argc > 0;argc--, argv++)
- slapi_dn_normalize_case(*argv);
+ for(;argc > 0;argc--, argv++) {
+ char *normdn = slapi_create_dn_string_case("%s", *argv);
+ slapi_ch_free_string(argv);
+ *argv = normdn;
+ }
/* Provide descriptive information */
err = slapi_pblock_set(pb, SLAPI_PLUGIN_DESCRIPTION,
diff --git a/ldap/servers/plugins/views/views.c b/ldap/servers/plugins/views/views.c
index 6ec0246..48b6803 100644
--- a/ldap/servers/plugins/views/views.c
+++ b/ldap/servers/plugins/views/views.c
@@ -1683,6 +1683,7 @@ static int view_search_rewrite_callback(Slapi_PBlock *pb)
int scope = 0;
int set_scope = LDAP_SCOPE_SUBTREE;
viewEntry *theView = 0;
+ Slapi_DN *basesdn = NULL;
#ifdef _VIEW_DEBUG_FILTERS
char outFilter_str[1024];
@@ -1711,7 +1712,8 @@ static int view_search_rewrite_callback(Slapi_PBlock *pb)
goto end;
/* if base of the search is a view */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &basesdn);
+ base = (char *)slapi_sdn_get_dn(basesdn);
/* Read lock the cache */
views_read_lock();
@@ -1763,8 +1765,11 @@ static int view_search_rewrite_callback(Slapi_PBlock *pb)
/* rewrite search scope and base*/
slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &set_scope);
- base = slapi_ch_strdup(theView->pSearch_base);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, base);
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &basesdn);
+ slapi_sdn_free(&basesdn);
+
+ basesdn = slapi_sdn_new_dn_byval(theView->pSearch_base);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, basesdn);
/* concatenate the filters */
diff --git a/ldap/servers/slapd/add.c b/ldap/servers/slapd/add.c
index 0bf6ef0..eba97b7 100644
--- a/ldap/servers/slapd/add.c
+++ b/ldap/servers/slapd/add.c
@@ -116,8 +116,7 @@ do_add( Slapi_PBlock *pb )
/* get the name */
{
char *rawdn = NULL;
- char *dn = NULL;
- size_t dnlen = 0;
+ Slapi_DN mysdn = {0};
if ( ber_scanf( ber, "{a", &rawdn ) == LBER_ERROR ) {
slapi_ch_free_string(&rawdn);
LDAPDebug( LDAP_DEBUG_ANY,
@@ -140,20 +139,20 @@ do_add( Slapi_PBlock *pb )
return;
}
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "ADD", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free_string(&rawdn);
+ slapi_sdn_init_dn_passin(&mysdn, rawdn);
+ if (rawdn && (strlen(rawdn) > 0) &&
+ (NULL == slapi_sdn_get_dn(&mysdn))) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "ADD", rawdn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid dn", 0, NULL);
+ slapi_sdn_done(&mysdn);
return;
- } else if (rc > 0) {
- slapi_ch_free_string(&rawdn);
- } else { /* rc == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
}
e = slapi_entry_alloc();
- slapi_entry_init(e,dn,NULL); /* Responsibility for DN is passed to the Entry. */
+ /* Responsibility for DN is passed to the Entry. */
+ slapi_entry_init_ext(e, &mysdn, NULL);
+ slapi_sdn_done(&mysdn);
}
LDAPDebug( LDAP_DEBUG_ARGS, " do_add: dn (%s)\n", slapi_entry_get_dn_const(e), 0, 0 );
@@ -338,7 +337,7 @@ slapi_add_entry_internal(Slapi_Entry *e, LDAPControl **controls, int dummy)
/* This is new style API to issue internal add operation.
pblock should contain the following data (can be set via call to slapi_add_internal_set_pb):
- SLAPI_TARGET_DN set to dn of the new entry
+ SLAPI_TARGET_SDN set to sdn of the new entry
SLAPI_CONTROLS_ARG set to request controls if present
SLAPI_ADD_ENTRY set to Slapi_Entry to add
Beware: The entry is consumed. */
@@ -458,6 +457,7 @@ static void op_shared_add (Slapi_PBlock *pb)
char *proxystr = NULL;
int proxy_err = LDAP_SUCCESS;
char *errtext = NULL;
+ Slapi_DN *sdn = NULL;
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
slapi_pblock_get (pb, SLAPI_ADD_ENTRY, &e);
@@ -532,7 +532,7 @@ static void op_shared_add (Slapi_PBlock *pb)
goto done;
}
- slapi_pblock_set(pb, SLAPI_TARGET_DN, (void*)slapi_sdn_get_ndn(operation_get_target_spec (operation)));
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, (void*)operation_get_target_spec (operation));
send_referrals_from_entry(pb,referral);
slapi_entry_free(referral);
goto done;
@@ -547,16 +547,16 @@ static void op_shared_add (Slapi_PBlock *pb)
present_values= attr_get_present_values(attr);
/* Set the backend in the pblock. The slapi_access_allowed function
- * needs this set to work properly. */
- slapi_pblock_set( pb, SLAPI_BACKEND, slapi_be_select( slapi_entry_get_sdn_const(e) ) );
+ * needs this set to work properly. */
+ slapi_pblock_set( pb, SLAPI_BACKEND, slapi_be_select( slapi_entry_get_sdn_const(e) ) );
/* Check ACI before checking password syntax */
if ( (err = slapi_access_allowed(pb, e, SLAPI_USERPWD_ATTR, NULL,
- SLAPI_ACL_ADD)) != LDAP_SUCCESS) {
- send_ldap_result(pb, err, NULL,
- "Insufficient 'add' privilege to the "
- "'userPassword' attribute", 0, NULL);
- goto done;
+ SLAPI_ACL_ADD)) != LDAP_SUCCESS) {
+ send_ldap_result(pb, err, NULL,
+ "Insufficient 'add' privilege to the "
+ "'userPassword' attribute", 0, NULL);
+ goto done;
}
/* check password syntax */
@@ -657,30 +657,30 @@ static void op_shared_add (Slapi_PBlock *pb)
* plugins.
*/
- slapi_pblock_set(pb, SLAPI_ADD_TARGET,
- (char*)slapi_sdn_get_ndn(slapi_entry_get_sdn_const(e)));
- if (plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_PRE_ADD_FN :
- SLAPI_PLUGIN_PRE_ADD_FN) == 0)
+ sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(e));
+ slapi_pblock_set(pb, SLAPI_ADD_TARGET_SDN, (void *)sdn);
+ if (plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_PRE_ADD_FN :
+ SLAPI_PLUGIN_PRE_ADD_FN) == 0)
{
int rc;
Slapi_Entry *ec;
- char *add_target_dn;
+ Slapi_DN *add_target_sdn = NULL;
slapi_pblock_set(pb, SLAPI_PLUGIN, be->be_database);
set_db_default_result_handlers(pb);
-
/* Remove the unhashed password pseudo-attribute
from the entry before duplicating the entry */
if (unhashed_password_vals)
{
- slapi_entry_delete_values(e, pwdtype, NULL);
+ slapi_entry_delete_values(e, pwdtype, NULL);
}
-
/* because be_add frees the entry */
ec = slapi_entry_dup(e);
- add_target_dn= slapi_ch_strdup(slapi_sdn_get_ndn(slapi_entry_get_sdn_const(ec)));
- slapi_pblock_set(pb, SLAPI_ADD_TARGET, add_target_dn);
+ add_target_sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(ec));
+ slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ slapi_pblock_set(pb, SLAPI_ADD_TARGET_SDN, add_target_sdn);
if (be->be_add != NULL)
{
@@ -734,9 +734,9 @@ static void op_shared_add (Slapi_PBlock *pb)
plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_POST_ADD_FN :
SLAPI_PLUGIN_POST_ADD_FN);
slapi_entry_free(ec);
- slapi_pblock_get(pb, SLAPI_ADD_TARGET, &add_target_dn);
- slapi_ch_free((void**)&add_target_dn);
}
+ slapi_pblock_get(pb, SLAPI_ADD_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
done:
if (be)
diff --git a/ldap/servers/slapd/auditlog.c b/ldap/servers/slapd/auditlog.c
index 3cca975..d000550 100644
--- a/ldap/servers/slapd/auditlog.c
+++ b/ldap/servers/slapd/auditlog.c
@@ -57,13 +57,14 @@ char *attr_deleteoldrdn = ATTR_DELETEOLDRDN;
char *attr_modifiersname = ATTR_MODIFIERSNAME;
/* Forward Declarations */
-static void write_audit_file( int optype, char *dn, void *change, int flag, time_t curtime );
+static void write_audit_file( int optype, const char *dn, void *change, int flag, time_t curtime );
void
write_audit_log_entry( Slapi_PBlock *pb )
{
time_t curtime;
- char *dn;
+ Slapi_DN *sdn;
+ const char *dn;
void *change;
int flag = 0;
Operation *op;
@@ -75,27 +76,13 @@ write_audit_log_entry( Slapi_PBlock *pb )
}
slapi_pblock_get( pb, SLAPI_OPERATION, &op );
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
switch ( operation_get_type(op) )
{
case SLAPI_OPERATION_MODIFY:
slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &change );
break;
- case SLAPI_OPERATION_ADD:
- {
- /*
- * For adds, we want the unnormalized dn, so we can preserve
- * spacing, case, when replicating it.
- */
- Slapi_Entry *te = NULL;
- slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &change );
- te = (Slapi_Entry *)change;
- if ( NULL != te )
- {
- dn = slapi_entry_get_dn( te );
- }
- }
- break;
case SLAPI_OPERATION_DELETE:
{
char * deleterDN = NULL;
@@ -129,7 +116,7 @@ write_audit_log_entry( Slapi_PBlock *pb )
static void
write_audit_file(
int optype,
- char *dn,
+ const char *dn,
void *change,
int flag,
time_t curtime
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
index 0e5804c..7f7d0ca 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
@@ -2815,7 +2815,6 @@ int
dblayer_remove_env(struct ldbminfo *li)
{
DB_ENV *env = NULL;
- dblayer_private *priv = NULL;
char *home_dir = NULL;
int rc = db_env_create(&env, 0);
if (rc) {
@@ -2827,7 +2826,6 @@ dblayer_remove_env(struct ldbminfo *li)
LDAPDebug0Args(LDAP_DEBUG_ANY, "ERROR -- No ldbm info is given\n");
return -1;
}
- priv = (dblayer_private *)li->li_dblayer_private;
home_dir = dblayer_get_home_dir(li, NULL);
if (home_dir) {
diff --git a/ldap/servers/slapd/back-ldbm/dn2entry.c b/ldap/servers/slapd/back-ldbm/dn2entry.c
index 4d6dc7c..99a9f47 100644
--- a/ldap/servers/slapd/back-ldbm/dn2entry.c
+++ b/ldap/servers/slapd/back-ldbm/dn2entry.c
@@ -182,13 +182,11 @@ dn2ancestor(
Slapi_DN ancestorndn;
const char *ptr;
- /* assign ancestordn to the parent of the given dn - ancestordn will contain
- the "raw" unnormalized DN from the caller, so we can give back the DN
- in the same format as we received it */
+ /* assign ancestordn to the parent of the given dn */
ptr = slapi_dn_find_parent(slapi_sdn_get_dn(sdn));
/* assign the ancestordn dn pointer to the parent of dn from sdn - sdn "owns"
the memory, but ancestordn points to it */
- slapi_sdn_set_dn_byref(ancestordn, ptr); /* free any previous contents */
+ slapi_sdn_set_normdn_byref(ancestordn, ptr); /* free any previous contents */
/* now, do the same for the normalized version */
/* ancestorndn holds the normalized version for iteration purposes and
because dn2entry needs the normalized dn */
@@ -221,7 +219,7 @@ dn2ancestor(
slapi_sdn_set_ndn_byref(&ancestorndn, ptr); /* wipe out the previous contents */
/* now do the same for the unnormalized one */
ptr = slapi_dn_find_parent(slapi_sdn_get_dn(ancestordn));
- slapi_sdn_set_dn_byref(ancestordn, ptr); /* wipe out the previous contents */
+ slapi_sdn_set_normdn_byref(ancestordn, ptr); /* wipe out the previous contents */
}
}
@@ -256,17 +254,20 @@ get_copy_of_entry(Slapi_PBlock *pb, const entry_address *addr, back_txn *txn, in
}
else
{
- Slapi_DN sdn;
- slapi_sdn_init_dn_byref (&sdn, addr->dn); /* We assume that the DN is not normalized */
- entry = dn2entry( be, &sdn, txn, &err );
- slapi_sdn_done (&sdn);
+ if (addr->sdn) {
+ entry = dn2entry( be, addr->sdn, txn, &err );
+ } else {
+ err = 1;
+ }
}
if ( 0 != err && DB_NOTFOUND != err )
{
if(must_exist)
{
- LDAPDebug( LDAP_DEBUG_ANY, "Operation error fetching %s (%s), error %d.\n",
- addr->dn, (addr->uniqueid==NULL?"null":addr->uniqueid), err );
+ LDAPDebug( LDAP_DEBUG_ANY,
+ "Operation error fetching %s (%s), error %d.\n",
+ addr->sdn?slapi_sdn_get_dn(addr->sdn):"Null DN",
+ (addr->uniqueid==NULL?"null":addr->uniqueid), err );
}
if ( LDAP_INVALID_DN_SYNTAX == err ) {
rc = LDAP_INVALID_DN_SYNTAX; /* respect the error */
@@ -280,9 +281,9 @@ get_copy_of_entry(Slapi_PBlock *pb, const entry_address *addr, back_txn *txn, in
if(entry!=NULL)
{
ldbm_instance *inst;
- slapi_pblock_set( pb, plock_parameter, slapi_entry_dup(entry->ep_entry));
+ slapi_pblock_set( pb, plock_parameter, slapi_entry_dup(entry->ep_entry));
inst = (ldbm_instance *) be->be_instance_info;
- CACHE_RETURN( &inst->inst_cache, &entry );
+ CACHE_RETURN( &inst->inst_cache, &entry );
}
}
/* JCMREPL - Free the backentry? */
diff --git a/ldap/servers/slapd/back-ldbm/findentry.c b/ldap/servers/slapd/back-ldbm/findentry.c
index 9c076f8..d1cee86 100644
--- a/ldap/servers/slapd/back-ldbm/findentry.c
+++ b/ldap/servers/slapd/back-ldbm/findentry.c
@@ -276,17 +276,21 @@ find_entry_internal(
}
else
{
- Slapi_DN sdn;
- struct backentry *entry;
+ struct backentry *entry = NULL;
- slapi_sdn_init_dn_ndn_byref (&sdn, addr->dn); /* normalized by front end */
LDAPDebug( LDAP_DEBUG_TRACE, "=> find_entry_internal (dn=%s) lock %d\n",
- addr->dn, lock, 0 );
- entry = find_entry_internal_dn (pb, be, &sdn, lock, txn, really_internal);
- slapi_sdn_done (&sdn);
+ slapi_sdn_get_dn(addr->sdn), lock, 0 );
+ if (addr->sdn) {
+ entry = find_entry_internal_dn (pb, be, addr->sdn,
+ lock, txn, really_internal);
+ } else {
+ LDAPDebug0Args( LDAP_DEBUG_ANY,
+ "find_entry_internal: Null target dn\n" );
+ }
+
+ LDAPDebug0Args( LDAP_DEBUG_TRACE, "<= find_entry_internal\n" );
return entry;
}
-
}
struct backentry *
diff --git a/ldap/servers/slapd/back-ldbm/id2entry.c b/ldap/servers/slapd/back-ldbm/id2entry.c
index 432f80a..bfea99e 100644
--- a/ldap/servers/slapd/back-ldbm/id2entry.c
+++ b/ldap/servers/slapd/back-ldbm/id2entry.c
@@ -373,40 +373,40 @@ id2entry( backend *be, ID id, back_txn *txn, int *err )
/* data.dptr may not include rdn: ..., try "dn: ..." */
ee = slapi_str2entry( data.dptr, SLAPI_STR2ENTRY_NO_ENTRYDN );
} else {
- char *dn = NULL;
+ char *normdn = NULL;
struct backdn *bdn = dncache_find_id(&inst->inst_dncache, id);
if (bdn) {
- dn = slapi_ch_strdup(slapi_sdn_get_dn(bdn->dn_sdn));
+ normdn = slapi_ch_strdup(slapi_sdn_get_dn(bdn->dn_sdn));
slapi_log_error(SLAPI_LOG_CACHE, ID2ENTRY,
- "dncache_find_id returned: %s\n", dn);
+ "dncache_find_id returned: %s\n", normdn);
CACHE_RETURN(&inst->inst_dncache, &bdn);
} else {
Slapi_DN *sdn = NULL;
- rc = entryrdn_lookup_dn(be, rdn, id, &dn, txn);
+ rc = entryrdn_lookup_dn(be, rdn, id, &normdn, txn);
if (rc) {
slapi_log_error(SLAPI_LOG_TRACE, ID2ENTRY,
"id2entry: entryrdn look up failed "
"(rdn=%s, ID=%d)\n", rdn, id);
/* Try rdn as dn. Could be RUV. */
- dn = slapi_ch_strdup(rdn);
+ normdn = slapi_ch_strdup(rdn);
}
- sdn = slapi_sdn_new_dn_byval((const char *)dn);
+ sdn = slapi_sdn_new_normdn_byval((const char *)normdn);
bdn = backdn_init(sdn, id, 0);
if (CACHE_ADD( &inst->inst_dncache, bdn, NULL )) {
backdn_free(&bdn);
slapi_log_error(SLAPI_LOG_CACHE, ID2ENTRY,
- "%s is already in the dn cache\n", dn);
+ "%s is already in the dn cache\n", normdn);
} else {
CACHE_RETURN(&inst->inst_dncache, &bdn);
slapi_log_error(SLAPI_LOG_CACHE, ID2ENTRY,
"entryrdn_lookup_dn returned: %s, "
- "and set to dn cache (id %d)\n", dn, id);
+ "and set to dn cache (id %d)\n", normdn, id);
}
}
- ee = slapi_str2entry_ext( (const char *)dn, data.dptr,
+ ee = slapi_str2entry_ext( (const char *)normdn, data.dptr,
SLAPI_STR2ENTRY_NO_ENTRYDN );
slapi_ch_free_string(&rdn);
- slapi_ch_free_string(&dn);
+ slapi_ch_free_string(&normdn);
}
} else {
ee = slapi_str2entry( data.dptr, 0 );
diff --git a/ldap/servers/slapd/back-ldbm/idl_common.c b/ldap/servers/slapd/back-ldbm/idl_common.c
index 593a036..f04f8de 100644
--- a/ldap/servers/slapd/back-ldbm/idl_common.c
+++ b/ldap/servers/slapd/back-ldbm/idl_common.c
@@ -133,7 +133,7 @@ idl_append_extend(IDList **orig_idl, ID id)
IDList *idl = *orig_idl;
if (idl == NULL) {
- idl = idl_alloc(1);
+ idl = idl_alloc(32); /* used to be 0 */
idl_append(idl, id);
*orig_idl = idl;
@@ -151,9 +151,7 @@ idl_append_extend(IDList **orig_idl, ID id)
}
/* copy over the existing contents */
idl_new->b_nids = idl->b_nids;
- for (x = 0; x < idl->b_nids;x++) {
- idl_new->b_ids[x] = idl->b_ids[x];
- }
+ memcpy(idl_new->b_ids, idl->b_ids, sizeof(ID) * idl->b_nids);
idl_free(idl);
idl = idl_new;
}
diff --git a/ldap/servers/slapd/back-ldbm/import-threads.c b/ldap/servers/slapd/back-ldbm/import-threads.c
index 207c470..e95d32f 100644
--- a/ldap/servers/slapd/back-ldbm/import-threads.c
+++ b/ldap/servers/slapd/back-ldbm/import-threads.c
@@ -521,6 +521,7 @@ import_producer(void *param)
if (!(str2entry_flags & SLAPI_STR2ENTRY_INCLUDE_VERSION_STR) &&
entryrdn_get_switch()) { /* subtree-rename: on */
char *dn = NULL;
+ char *normdn = NULL;
int rc = 0; /* estr should start with "dn: " or "dn:: " */
if (strncmp(estr, "dn: ", 4) &&
NULL == strstr(estr, "\ndn: ") && /* in case comments precedes
@@ -541,8 +542,11 @@ import_producer(void *param)
FREE(estr);
continue;
}
- e = slapi_str2entry_ext(dn, estr, flags|SLAPI_STR2ENTRY_NO_ENTRYDN);
+ normdn = slapi_create_dn_string("%s", dn);
slapi_ch_free_string(&dn);
+ e = slapi_str2entry_ext(normdn, estr,
+ flags|SLAPI_STR2ENTRY_NO_ENTRYDN);
+ slapi_ch_free_string(&normdn);
} else {
e = slapi_str2entry(estr, flags);
}
@@ -1038,16 +1042,16 @@ index_producer(void *param)
}
}
} else {
- char *dn = NULL;
+ char *normdn = NULL;
struct backdn *bdn =
dncache_find_id(&inst->inst_dncache, temp_id);
if (bdn) {
/* don't free dn */
- dn = (char *)slapi_sdn_get_dn(bdn->dn_sdn);
+ normdn = (char *)slapi_sdn_get_dn(bdn->dn_sdn);
CACHE_RETURN(&inst->inst_dncache, &bdn);
} else {
Slapi_DN *sdn = NULL;
- rc = entryrdn_lookup_dn(be, rdn, temp_id, &dn, NULL);
+ rc = entryrdn_lookup_dn(be, rdn, temp_id, &normdn, NULL);
if (rc) {
/* We cannot use the entryrdn index;
* Compose dn from the entries in id2entry */
@@ -1090,21 +1094,21 @@ index_producer(void *param)
continue;
}
}
- dn = slapi_ch_smprintf("%s%s%s",
+ normdn = slapi_ch_smprintf("%s%s%s",
rdn, pdn?",":"", pdn?pdn:"");
slapi_ch_free_string(&pdn);
}
/* dn is not dup'ed in slapi_sdn_new_dn_byref.
* It's set to bdn and put in the dn cache. */
- sdn = slapi_sdn_new_dn_byref(dn);
+ sdn = slapi_sdn_new_normdn_byref(normdn);
bdn = backdn_init(sdn, temp_id, 0);
CACHE_ADD( &inst->inst_dncache, bdn, NULL );
CACHE_RETURN(&inst->inst_dncache, &bdn);
slapi_log_error(SLAPI_LOG_CACHE, "ldbm2index",
"entryrdn_lookup_dn returned: %s, "
- "and set to dn cache\n", dn);
+ "and set to dn cache\n", normdn);
}
- e = slapi_str2entry_ext(dn, data.dptr,
+ e = slapi_str2entry_ext(normdn, data.dptr,
SLAPI_STR2ENTRY_NO_ENTRYDN);
slapi_ch_free_string(&rdn);
}
@@ -1283,7 +1287,7 @@ upgradedn_producer(void *param)
struct upgradedn_attr *ud_ptr = NULL;
Slapi_Attr *ud_attr = NULL;
char *ecopy = NULL;
- char *dn = NULL;
+ const char *normdn = NULL;
/* vars for Berkeley DB */
DB_ENV *env = NULL;
@@ -1384,7 +1388,7 @@ upgradedn_producer(void *param)
ecopy = (char *)slapi_ch_malloc(data.dsize + 1);
memcpy(ecopy, data.dptr, data.dsize);
*(ecopy + data.dsize) = '\0';
- dn = NULL;
+ normdn = NULL;
doit = 0;
if (entryrdn_get_switch()) {
char *rdn = NULL;
@@ -1400,10 +1404,11 @@ upgradedn_producer(void *param)
dncache_find_id(&inst->inst_dncache, temp_id);
if (bdn) {
/* don't free dn */
- dn = (char *)slapi_sdn_get_dn(bdn->dn_sdn);
+ normdn = (char *)slapi_sdn_get_dn(bdn->dn_sdn);
CACHE_RETURN(&inst->inst_dncache, &bdn);
} else {
- rc = entryrdn_lookup_dn(be, rdn, temp_id, &dn, NULL);
+ rc = entryrdn_lookup_dn(be, rdn, temp_id,
+ (char **)&normdn, NULL);
if (rc) {
/* We cannot use the entryrdn index;
* Compose dn from the entries in id2entry */
@@ -1446,21 +1451,21 @@ upgradedn_producer(void *param)
continue;
}
}
- dn = slapi_ch_smprintf("%s%s%s",
+ normdn = slapi_ch_smprintf("%s%s%s",
rdn, pdn?",":"", pdn?pdn:"");
slapi_ch_free_string(&pdn);
}
/* dn is not dup'ed in slapi_sdn_new_dn_byref.
* It's set to bdn and put in the dn cache. */
- sdn = slapi_sdn_new_dn_byref(dn);
+ sdn = slapi_sdn_new_normdn_byref(normdn);
bdn = backdn_init(sdn, temp_id, 0);
CACHE_ADD( &inst->inst_dncache, bdn, NULL );
CACHE_RETURN(&inst->inst_dncache, &bdn);
slapi_log_error(SLAPI_LOG_CACHE, "ldbm2index",
"entryrdn_lookup_dn returned: %s, "
- "and set to dn cache\n", dn);
+ "and set to dn cache\n", normdn);
}
- e = slapi_str2entry_ext(dn, data.dptr,
+ e = slapi_str2entry_ext(normdn, data.dptr,
SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT);
slapi_ch_free_string(&rdn);
}
@@ -1485,23 +1490,13 @@ upgradedn_producer(void *param)
* SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT
* -- normalize it with the new format
*/
- if (!dn) {
- get_value_from_string((const char *)ecopy, "dn", &dn);
+ if (!normdn) {
+ get_value_from_string((const char *)ecopy, "dn", (char **)&normdn);
}
- if (dn) {
- char *dest = NULL;
- size_t dest_len = 0;
-
- rc = slapi_dn_normalize_ext(dn, strlen(dn), &dest, &dest_len);
- if (rc > 0) {
- slapi_ch_free_string(&dn);
- dn = dest;
- } else {
- *(dn + dest_len) = '\0'; /* src is passed in;
- it's possible dn_len < dest_len */
- }
+ if (normdn) {
slapi_sdn_done(&(e->e_sdn));
- slapi_sdn_init_dn_passin(&(e->e_sdn), dn);
+ slapi_sdn_init_dn_passin(&(e->e_sdn), normdn);
+ normdn = slapi_sdn_get_dn(&(e->e_sdn));
}
/* From here, e != NULL */
@@ -1559,7 +1554,7 @@ upgradedn_producer(void *param)
if (rc) {
LDAPDebug(LDAP_DEBUG_ANY, "%s: Failed to add rdn values "
"to an entry: %s (id %lu)\n",
- inst->inst_name, dn, (u_long)temp_id);
+ inst->inst_name, normdn, (u_long)temp_id);
slapi_entry_free(e); e = NULL;
continue;
}
@@ -1636,7 +1631,7 @@ upgradedn_producer(void *param)
LDAPDebug(LDAP_DEBUG_ANY,
"%s: Failed to add rdn values "
"to an entry: %s (id %lu)\n",
- inst->inst_name, dn, (u_long)temp_id);
+ inst->inst_name, normdn, (u_long)temp_id);
slapi_entry_free(e); e = NULL;
continue;
}
@@ -2251,12 +2246,11 @@ import_foreman(void *param)
char *new_dn = NULL;
char *orig_dn =
slapi_ch_strdup(slapi_entry_get_dn(fi->entry->ep_entry));
- int rc = 0;
nsuniqueid = attrlist_find(fi->entry->ep_entry->e_attrs,
"nsuniqueid");
if (nsuniqueid) {
Slapi_Value *uival = NULL;
- rc = slapi_attr_first_value(nsuniqueid, &uival);
+ slapi_attr_first_value(nsuniqueid, &uival);
uuidstr = slapi_value_get_string(uival);
} else {
import_log_notice(job, "ERROR: Failed to get nsUniqueId "
@@ -3453,9 +3447,8 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
{
int rc = -1;
struct backdn *bdn = NULL;
- struct ldbminfo *li = NULL;
Slapi_Entry *e = NULL;
- char *dn = NULL;
+ char *normdn = NULL;
if (!entryrdn_get_switch()) { /* entryrdn specific function */
return rc;
@@ -3466,7 +3459,6 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
NULL==inst?"inst":"srdn");
return rc;
}
- li = inst->inst_li;
/* first, try the dn cache */
bdn = dncache_find_id(&inst->inst_dncache, id);
@@ -3563,8 +3555,8 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
}
}
- dn = NULL;
- rc = slapi_rdn_get_dn(&mysrdn, &dn);
+ normdn = NULL;
+ rc = slapi_rdn_get_dn(&mysrdn, &normdn);
if (rc) {
LDAPDebug2Args( LDAP_DEBUG_ANY,
"import_get_and_add_parent_rdns: "
@@ -3572,7 +3564,7 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
"from Slapi_RDN\n", rdn, id);
goto bail;
}
- e = slapi_str2entry_ext(dn, data.dptr, SLAPI_STR2ENTRY_NO_ENTRYDN);
+ e = slapi_str2entry_ext(normdn, data.dptr, SLAPI_STR2ENTRY_NO_ENTRYDN);
(*curr_entry)++;
rc = index_set_entry_to_fifo(info, e, id, total_id, *curr_entry);
if (rc) {
diff --git a/ldap/servers/slapd/back-ldbm/instance.c b/ldap/servers/slapd/back-ldbm/instance.c
index 74a01a8..0217e96 100644
--- a/ldap/servers/slapd/back-ldbm/instance.c
+++ b/ldap/servers/slapd/back-ldbm/instance.c
@@ -141,6 +141,7 @@ int ldbm_instance_create(backend *be, char *name)
goto done;
error:
+ slapi_ch_free_string(&inst->inst_name);
slapi_ch_free((void**)&inst);
done:
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index 5ade337..d2e89a9 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -79,7 +79,7 @@ ldbm_back_add( Slapi_PBlock *pb )
backend *be;
struct ldbminfo *li;
ldbm_instance *inst;
- char *dn = NULL;
+ const char *dn = NULL;
Slapi_Entry *e = NULL;
struct backentry *tombstoneentry = NULL;
struct backentry *addingentry = NULL;
@@ -105,7 +105,7 @@ ldbm_back_add( Slapi_PBlock *pb )
int addingentry_id_assigned= 0;
int addingentry_in_cache= 0;
int tombstone_in_cache= 0;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_DN parentsdn;
Slapi_Operation *operation;
int dblock_acquired= 0;
@@ -134,7 +134,6 @@ ldbm_back_add( Slapi_PBlock *pb )
inst = (ldbm_instance *) be->be_instance_info;
/* sdn & parentsdn need to be initialized before "goto *_return" */
- slapi_sdn_init(&sdn);
slapi_sdn_init(&parentsdn);
/* Get rid of ldbm backend attributes that you are not allowed to specify yourself */
@@ -195,17 +194,21 @@ ldbm_back_add( Slapi_PBlock *pb )
{
/* Check if an entry with the intended uniqueid already exists. */
done_with_pblock_entry(pb,SLAPI_ADD_EXISTING_UNIQUEID_ENTRY); /* Could be through this multiple times */
- addr.dn = addr.udn = NULL;
+ addr.udn = NULL;
+ addr.sdn = NULL;
addr.uniqueid = (char*)slapi_entry_get_uniqueid(e); /* jcm - cast away const */
ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_EXISTING_UNIQUEID_ENTRY, !is_replicated_operation);
}
if(slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_EXISTING_DN_ENTRY))
{
- slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn );
- if (NULL == dn)
+ slapi_pblock_get( pb, SLAPI_ADD_TARGET_SDN, &sdn );
+ if (NULL == sdn)
{
+ LDAPDebug0Args(LDAP_DEBUG_ANY,
+ "ldbm_back_add: Null target dn\n");
goto error_return;
}
+ dn = slapi_sdn_get_dn(sdn);
ldap_result_code = slapi_dn_syntax_check(pb, dn, 1);
if (ldap_result_code)
{
@@ -213,11 +216,10 @@ ldbm_back_add( Slapi_PBlock *pb )
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
goto error_return;
}
- slapi_sdn_set_dn_byref(&sdn, dn);
- slapi_sdn_get_backend_parent(&sdn,&parentsdn,pb->pb_backend);
+ slapi_sdn_get_backend_parent(sdn, &parentsdn, pb->pb_backend);
/* Check if an entry with the intended DN already exists. */
done_with_pblock_entry(pb,SLAPI_ADD_EXISTING_DN_ENTRY); /* Could be through this multiple times */
- addr.dn = dn;
+ addr.sdn = sdn;
addr.udn = NULL;
addr.uniqueid = NULL;
ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_EXISTING_DN_ENTRY, !is_replicated_operation);
@@ -233,7 +235,7 @@ ldbm_back_add( Slapi_PBlock *pb )
slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_PARENT_ENTRY))
{
done_with_pblock_entry(pb,SLAPI_ADD_PARENT_ENTRY); /* Could be through this multiple times */
- addr.dn = (char*)slapi_sdn_get_dn (&parentsdn); /* get_copy_of_entry assumes the DN is not normalized */
+ addr.sdn = &parentsdn;
addr.udn = NULL;
addr.uniqueid = operation->o_params.p.p_add.parentuniqueid;
ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_PARENT_ENTRY, !is_replicated_operation);
@@ -273,7 +275,7 @@ ldbm_back_add( Slapi_PBlock *pb )
*/
if(have_parent_address(&parentsdn, operation->o_params.p.p_add.parentuniqueid))
{
- addr.dn = (char*)slapi_sdn_get_dn (&parentsdn);
+ addr.sdn = &parentsdn;
addr.udn = NULL;
addr.uniqueid = operation->o_params.p.p_add.parentuniqueid;
parententry = find_entry2modify_only(pb,be,&addr,&txn);
@@ -313,7 +315,7 @@ ldbm_back_add( Slapi_PBlock *pb )
int err= 0;
Slapi_DN ancestordn= {0};
struct backentry *ancestorentry;
- ancestorentry= dn2ancestor(pb->pb_backend,&sdn,&ancestordn,&txn,&err);
+ ancestorentry= dn2ancestor(pb->pb_backend,sdn,&ancestordn,&txn,&err);
slapi_sdn_done(&ancestordn);
if ( ancestorentry != NULL )
{
@@ -355,7 +357,8 @@ ldbm_back_add( Slapi_PBlock *pb )
* When we resurect a tombstone we must use its UniqueID
* to find the tombstone entry and lock it down in the cache.
*/
- addr.dn = addr.udn = NULL;
+ addr.udn = NULL;
+ addr.sdn = NULL;
addr.uniqueid = (char *)slapi_entry_get_uniqueid(e); /* jcm - cast away const */
tombstoneentry = find_entry2modify( pb, be, &addr, &txn );
if ( tombstoneentry==NULL )
@@ -368,7 +371,7 @@ ldbm_back_add( Slapi_PBlock *pb )
addingentry = backentry_dup( tombstoneentry );
if ( addingentry==NULL )
{
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ ldap_result_code= LDAP_OPERATIONS_ERROR;
goto error_return;
}
/*
@@ -378,8 +381,11 @@ ldbm_back_add( Slapi_PBlock *pb )
* The entry comes back to life as a Glue entry, so we add the
* magic objectclass.
*/
- slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn );
- slapi_sdn_set_dn_byref(&sdn, dn);
+ if (NULL == sdn) {
+ LDAPDebug0Args(LDAP_DEBUG_ANY, "ldbm_back_add: Null target dn\n");
+ goto error_return;
+ }
+ dn = slapi_sdn_get_dn(sdn);
slapi_entry_set_dn(addingentry->ep_entry, slapi_ch_strdup(dn)); /* The DN is passed into the entry. */
/* LPREPL: the DN is normalized...Somehow who should get a not normalized one */
addingentry->ep_id = slapi_entry_attr_get_ulong(addingentry->ep_entry,"entryid");
@@ -742,7 +748,11 @@ ldbm_back_add( Slapi_PBlock *pb )
}
goto error_return;
}
- retval = index_addordel_string(be,SLAPI_ATTR_NSCP_ENTRYDN,slapi_sdn_get_ndn(&sdn),addingentry->ep_id,BE_INDEX_DEL,&txn);
+ retval = index_addordel_string(be,
+ SLAPI_ATTR_NSCP_ENTRYDN,
+ slapi_sdn_get_ndn(sdn),
+ addingentry->ep_id,
+ BE_INDEX_DEL, &txn);
if (DB_LOCK_DEADLOCK == retval) {
LDAPDebug( LDAP_DEBUG_ARGS, "add 4 DB_LOCK_DEADLOCK\n", 0, 0, 0 );
/* Retry txn */
@@ -1011,7 +1021,6 @@ common_return:
{
slapi_send_ldap_result( pb, ldap_result_code, ldap_result_matcheddn, ldap_result_message, 0, NULL );
}
- slapi_sdn_done(&sdn);
slapi_sdn_done(&parentsdn);
slapi_ch_free( (void**)&ldap_result_matcheddn );
slapi_ch_free( (void**)&errbuf );
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_config.c b/ldap/servers/slapd/back-ldbm/ldbm_config.c
index 558e1e9..b179591 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_config.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_config.c
@@ -1344,20 +1344,21 @@ void ldbm_config_setup_default(struct ldbminfo *li)
}
}
-void
+int
ldbm_config_read_instance_entries(struct ldbminfo *li, const char *backend_type)
{
Slapi_PBlock *tmp_pb;
Slapi_Entry **entries = NULL;
char *basedn = NULL;
+ int rc = 0;
/* Construct the base dn of the subtree that holds the instance entries. */
basedn = slapi_create_dn_string("cn=%s,cn=plugins,cn=config", backend_type);
if (NULL == basedn) {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
"ldbm_config_read_instance_entries: "
- "failed create backend dn for %s\n", backend_type);
- return;
+ "failed to create backend dn for %s\n", backend_type);
+ return 1;
}
/* Do a search of the subtree containing the instance entries */
@@ -1368,13 +1369,24 @@ ldbm_config_read_instance_entries(struct ldbminfo *li, const char *backend_type)
if (entries!=NULL) {
int i;
for (i=0; entries[i]!=NULL; i++) {
- ldbm_instance_add_instance_entry_callback(NULL, entries[i], NULL, NULL, NULL, li);
+ rc = ldbm_instance_add_instance_entry_callback(NULL,
+ entries[i], NULL, NULL, NULL, li);
+ if (SLAPI_DSE_CALLBACK_ERROR == rc) {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_config_read_instance_entries: "
+ "failed to add instance entry %s\n",
+ slapi_entry_get_dn_const(entries[i]));
+ break;
+ }
+ rc = 0;
}
}
slapi_free_search_results_internal(tmp_pb);
slapi_pblock_destroy(tmp_pb);
slapi_ch_free_string(&basedn);
+
+ return rc;
}
/* Reads in any config information held in the dse for the ldbm plugin.
@@ -1453,7 +1465,13 @@ int ldbm_config_load_dse_info(struct ldbminfo *li)
/* Find all the instance entries and create a Slapi_Backend and an
* ldbm_instance for each */
- ldbm_config_read_instance_entries(li, li->li_plugin->plg_name);
+ rval = ldbm_config_read_instance_entries(li, li->li_plugin->plg_name);
+ if (rval) {
+ LDAPDebug0Args(LDAP_DEBUG_ANY,
+ "ldbm_config_load_dse_info: "
+ "failed to read instance entries\n");
+ goto bail;
+ }
/* setup the dse callback functions for the ldbm backend config entry */
slapi_config_register_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP, dn,
@@ -1473,7 +1491,7 @@ int ldbm_config_load_dse_info(struct ldbminfo *li)
if (NULL == dn) {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
"ldbm_config_load_dse_info: "
- "failed create monitor dn for %s\n",
+ "failed to create monitor dn for %s\n",
li->li_plugin->plg_name);
rval = 1;
goto bail;
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 40aed48..c1f1142 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -76,6 +76,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
int ldap_result_code= LDAP_SUCCESS;
char *ldap_result_message= NULL;
Slapi_DN sdn;
+ Slapi_DN *sdnp = NULL;
char *e_uniqueid = NULL;
Slapi_DN *nscpEntrySDN = NULL;
int dblock_acquired= 0;
@@ -97,13 +98,13 @@ ldbm_back_delete( Slapi_PBlock *pb )
slapi_pblock_get( pb, SLAPI_BACKEND, &be);
slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &li );
- slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_DELETE_TARGET_SDN, &sdnp );
slapi_pblock_get( pb, SLAPI_TARGET_ADDRESS, &addr);
slapi_pblock_get( pb, SLAPI_TXN, (void**)&parent_txn );
slapi_pblock_get( pb, SLAPI_OPERATION, &operation );
slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation );
- /* sdn & parentsdn need to be initialized before "goto *_return */
+ /* sdn needs to be initialized before "goto *_return */
slapi_sdn_init(&sdn);
/* dblayer_txn_init needs to be called before "goto error_return" */
@@ -122,7 +123,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
/* retval is -1 */
goto error_return;
}
- ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
+ ldap_result_code = slapi_dn_syntax_check(pb, slapi_sdn_get_dn(sdnp), 1);
if (ldap_result_code)
{
ldap_result_code = LDAP_INVALID_DN_SYNTAX;
@@ -137,7 +138,10 @@ ldbm_back_delete( Slapi_PBlock *pb )
inst = (ldbm_instance *) be->be_instance_info;
- slapi_sdn_init_dn_byref(&sdn,dn);
+ if (NULL == sdnp) {
+ slapi_sdn_init_normdn_byref(&sdn, dn);
+ sdnp = &sdn;
+ }
/* The dblock serializes writes to the database,
* which reduces deadlocking in the db code,
@@ -318,13 +322,13 @@ ldbm_back_delete( Slapi_PBlock *pb )
Slapi_DN parentsdn;
slapi_sdn_init(&parentsdn);
- slapi_sdn_get_backend_parent(&sdn,&parentsdn,pb->pb_backend);
+ slapi_sdn_get_backend_parent(sdnp, &parentsdn, pb->pb_backend);
if ( !slapi_sdn_isempty(&parentsdn) )
{
struct backentry *parent = NULL;
entry_address parent_addr;
- parent_addr.dn = (char*)slapi_sdn_get_dn (&parentsdn);
+ parent_addr.sdn = &parentsdn;
parent_addr.uniqueid = NULL;
parent = find_entry2modify_only(pb,be,&parent_addr,&txn);
if (NULL != parent) {
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
index 2f1e648..54f22a3 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
@@ -445,7 +445,7 @@ entryrdn_rename_subtree(backend *be,
slapi_log_error(SLAPI_LOG_FATAL, ENTRYRDN_TAG,
"entryrdn_rename_subtree: Param error: Empty %s\n",
NULL==be?"backend":NULL==oldsdn?"old dn":
- (NULL==mynewsrdn&&NULL==mynewsupsdn)?"new dn and new superior":
+ (NULL==newsrdn&&NULL==newsupsdn)?"new dn and new superior":
0==id?"id":"unknown");
goto bail;
}
@@ -1015,7 +1015,6 @@ entryrdn_lookup_dn(backend *be,
char *nrdn = NULL;
size_t nrdn_len = 0;
ID workid = id; /* starting from the given id */
- ID previd = id;
rdn_elem *elem = NULL;
int maybesuffix = 0;
@@ -1111,7 +1110,6 @@ retry_get1:
}
/* Iterate over the duplicates to get the direct child's ID */
- previd = workid;
workid = 0;
if (maybesuffix) {
/* it is a suffix, indeed. done. */
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c b/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
index 7709cfb..88b20d0 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
@@ -773,8 +773,8 @@ ldbm_instance_modify_config_entry_callback(Slapi_PBlock *pb, Slapi_Entry* entryB
if (strcasecmp(attr_name, CONFIG_INSTANCE_SUFFIX) == 0) {
/* naughty naughty, we don't allow this */
rc = LDAP_UNWILLING_TO_PERFORM;
- PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
- "Can't change the root suffix of a backend");
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "Can't change the root suffix of a backend");
LDAPDebug(LDAP_DEBUG_ANY,
"ldbm: modify attempted to change the root suffix "
"of a backend (which is not allowed)\n",
@@ -841,10 +841,13 @@ static int ldbm_instance_generate(struct ldbminfo *li, char *instance_name,
new_be = slapi_be_new(LDBM_DATABASE_TYPE_NAME /* type */, instance_name,
0 /* public */, 1 /* do log changes */);
new_be->be_database = li->li_plugin;
- ldbm_instance_create(new_be, instance_name);
+ rc = ldbm_instance_create(new_be, instance_name);
+ if (rc) {
+ goto bail;
+ }
ldbm_instance_config_load_dse_info(new_be->be_instance_info);
- rc = ldbm_instance_create_default_indexes(new_be);
+ ldbm_instance_create_default_indexes(new_be);
/* if USN plugin is enabled, set slapi_counter */
if (plugin_enabled("USN", li->li_identity) && ldbm_back_isinitialized()) {
@@ -867,7 +870,7 @@ static int ldbm_instance_generate(struct ldbminfo *li, char *instance_name,
if (ret_be != NULL) {
*ret_be = new_be;
}
-
+bail:
return rc;
}
@@ -881,7 +884,13 @@ ldbm_instance_postadd_instance_entry_callback(Slapi_PBlock *pb, Slapi_Entry* ent
int rval = 0;
parse_ldbm_instance_entry(entryBefore, &instance_name);
- ldbm_instance_generate(li, instance_name, &be);
+ rval = ldbm_instance_generate(li, instance_name, &be);
+ if (rval) {
+ LDAPDebug(LDAP_DEBUG_ANY,
+ "ldbm_instance_postadd_instance_entry_callback: "
+ "ldbm_instance_generate (%s) failed (%d)\n",
+ instance_name, rval, 0);
+ }
inst = ldbm_instance_find_by_name(li, instance_name);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index ff2fc97..1a85e14 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -244,7 +244,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
{
goto error_return;
}
- ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
+ ldap_result_code = slapi_dn_syntax_check(pb, slapi_sdn_get_dn(addr->sdn), 1);
if (ldap_result_code)
{
ldap_result_code = LDAP_INVALID_DN_SYNTAX;
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index bcbe9c7..a8980b5 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -90,10 +90,10 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
IDList *children= NULL;
struct backentry **child_entries = NULL;
struct backdn **child_dns = NULL;
- Slapi_DN dn_olddn = {0};
+ Slapi_DN *sdn = NULL;
Slapi_DN dn_newdn = {0};
Slapi_DN dn_newrdn = {0};
- Slapi_DN dn_newsuperiordn = {0};
+ Slapi_DN *dn_newsuperiordn = NULL;
Slapi_DN dn_parentdn;
int rc;
int isroot;
@@ -109,7 +109,6 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
entry_address *old_addr;
entry_address oldparent_addr;
entry_address *newsuperior_addr;
- char *dn;
char ebuf[BUFSIZ];
CSN *opcsn = NULL;
@@ -117,7 +116,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
slapi_sdn_init(&dn_newdn);
slapi_sdn_init(&dn_parentdn);
- slapi_pblock_get( pb, SLAPI_MODRDN_TARGET, &dn );
+ slapi_pblock_get( pb, SLAPI_MODRDN_TARGET_SDN, &sdn );
slapi_pblock_get( pb, SLAPI_BACKEND, &be);
slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &li );
slapi_pblock_get( pb, SLAPI_TXN, (void**)&parent_txn );
@@ -127,6 +126,12 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
is_ruv = operation_is_flag_set(operation, OP_FLAG_REPL_RUV);
is_fixup_operation = operation_is_flag_set(operation, OP_FLAG_REPL_FIXUP);
+ if (NULL == sdn) {
+ slapi_send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "Null target DN", 0, NULL );
+ return( -1 );
+ }
+
/* dblayer_txn_init needs to be called before "goto error_return" */
dblayer_txn_init(li,&txn);
/* the calls to search for entries require the parent txn if any
@@ -140,23 +145,21 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
inst = (ldbm_instance *) be->be_instance_info;
{
- char *newrdn, *newsuperiordn;
+ char *newrdn/* , *newsuperiordn */;
slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &newrdn );
- slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperiordn );
- slapi_sdn_init_dn_byref(&dn_olddn,dn);
- slapi_sdn_init_dn_byref(&dn_newrdn,newrdn);
- slapi_sdn_init_dn_byref(&dn_newsuperiordn,newsuperiordn);
- slapi_sdn_get_parent(&dn_olddn,&dn_parentdn);
+ slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &dn_newsuperiordn );
+ slapi_sdn_init_normdn_byref(&dn_newrdn, newrdn);
+ /* slapi_sdn_init_normdn_byref(&dn_newsuperiordn, newsuperiordn); */
+ slapi_sdn_get_parent(sdn, &dn_parentdn);
}
/* if old and new superior are equals, newsuperior should not be set
* Here we have to reset newsuperiordn in order to save processing and
* avoid later deadlock when trying to fetch twice the same entry
*/
- if (slapi_sdn_compare(&dn_newsuperiordn, &dn_parentdn) == 0)
+ if (slapi_sdn_compare(dn_newsuperiordn, &dn_parentdn) == 0)
{
- slapi_sdn_done(&dn_newsuperiordn);
- slapi_sdn_init_dn_byref(&dn_newsuperiordn,NULL);
+ slapi_sdn_done(dn_newsuperiordn);
}
/*
@@ -164,7 +167,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
* Replicated Operations are allowed to change the superior
*/
if ( !entryrdn_get_switch() &&
- (!is_replicated_operation && !slapi_sdn_isempty(&dn_newsuperiordn)))
+ (!is_replicated_operation && !slapi_sdn_isempty(dn_newsuperiordn)))
{
slapi_send_ldap_result( pb, LDAP_UNWILLING_TO_PERFORM, NULL,
"server does not support moving of entries", 0, NULL );
@@ -213,14 +216,15 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/* see if an entry with the new name already exists */
done_with_pblock_entry(pb,SLAPI_MODRDN_EXISTING_ENTRY); /* Could be through this multiple times */
- slapi_sdn_done(&dn_newrdn);
slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &newrdn);
- slapi_sdn_init_dn_byref(&dn_newrdn,newrdn);
- newdn= moddn_get_newdn(pb,&dn_olddn,&dn_newrdn,&dn_newsuperiordn);
+ slapi_sdn_init_normdn_byref(&dn_newrdn, newrdn);
+ newdn= moddn_get_newdn(pb,sdn, &dn_newrdn, dn_newsuperiordn);
slapi_sdn_set_dn_passin(&dn_newdn,newdn);
- new_addr.dn = (char*)slapi_sdn_get_ndn (&dn_newdn);
+ new_addr.sdn = &dn_newdn;
+ new_addr.udn = NULL;
/* check dn syntax on newdn */
- ldap_result_code = slapi_dn_syntax_check(pb, new_addr.dn, 1);
+ ldap_result_code = slapi_dn_syntax_check(pb,
+ (char *)slapi_sdn_get_ndn(&dn_newdn), 1);
if (ldap_result_code)
{
ldap_result_code = LDAP_INVALID_DN_SYNTAX;
@@ -241,23 +245,22 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
{
/* find and lock the old parent entry */
done_with_pblock_entry(pb,SLAPI_MODRDN_PARENT_ENTRY); /* Could be through this multiple times */
- oldparent_addr.dn = (char*)slapi_sdn_get_ndn (&dn_parentdn);
+ oldparent_addr.sdn = &dn_parentdn;
oldparent_addr.uniqueid = NULL;
ldap_result_code= get_copy_of_entry(pb, &oldparent_addr, &txn, SLAPI_MODRDN_PARENT_ENTRY, !is_replicated_operation);
}
/* <new superior> */
- if(slapi_sdn_get_ndn(&dn_newsuperiordn)!=NULL &&
+ if(slapi_sdn_get_ndn(dn_newsuperiordn)!=NULL &&
slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_NEWPARENT_ENTRY))
{
/* find and lock the new parent entry */
done_with_pblock_entry(pb,SLAPI_MODRDN_NEWPARENT_ENTRY); /* Could be through this multiple times */
/* Check that this really is a new superior,
* and not the same old one. Compare parentdn & newsuperior */
- if (slapi_sdn_compare(&dn_newsuperiordn, &dn_parentdn) == 0)
+ if (slapi_sdn_compare(dn_newsuperiordn, &dn_parentdn) == 0)
{
- slapi_sdn_done(&dn_newsuperiordn);
- slapi_sdn_init_dn_byref(&dn_newsuperiordn,NULL);
+ slapi_sdn_done(dn_newsuperiordn);
}
else
{
@@ -271,7 +274,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
}
else
{
- my_addr.dn = (char *)slapi_sdn_get_ndn (&dn_newsuperiordn);
+ my_addr.sdn = dn_newsuperiordn;
my_addr.uniqueid = NULL;
newsuperior_addr = &my_addr;
}
@@ -329,7 +332,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if((entry != NULL) &&
/* allow modrdn even if the src dn and dest dn are identical */
(0 != slapi_sdn_compare((const Slapi_DN *)&dn_newdn,
- (const Slapi_DN *)&dn_olddn)))
+ (const Slapi_DN *)sdn)))
{
ldap_result_code= LDAP_ALREADY_EXISTS;
goto error_return;
@@ -337,13 +340,13 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
}
/* Fetch and lock the parent of the entry that is moving */
- oldparent_addr.dn = (char*)slapi_sdn_get_dn (&dn_parentdn);
+ oldparent_addr.sdn = &dn_parentdn;
oldparent_addr.uniqueid = NULL;
parententry = find_entry2modify_only( pb, be, &oldparent_addr, &txn );
modify_init(&parent_modify_context,parententry);
/* Fetch and lock the new parent of the entry that is moving */
- if(slapi_sdn_get_ndn(&dn_newsuperiordn)!=NULL)
+ if(slapi_sdn_get_ndn(dn_newsuperiordn) != NULL)
{
slapi_pblock_get (pb, SLAPI_MODRDN_NEWSUPERIOR_ADDRESS, &newsuperior_addr);
newparententry = find_entry2modify_only( pb, be, newsuperior_addr, &txn );
@@ -376,22 +379,30 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
* instead. Otherwise, a ModRDN operation will potentially change an
* entry's entire DN (at least with respect to case and spacing).
*/
- slapi_sdn_copy( slapi_entry_get_sdn_const( e->ep_entry ), &dn_olddn );
+ slapi_sdn_copy( slapi_entry_get_sdn_const( e->ep_entry ), sdn );
+ slapi_pblock_set( pb, SLAPI_MODRDN_TARGET_SDN, sdn );
if (newparententry != NULL) {
/* don't forget we also want to preserve case of new superior */
- slapi_sdn_copy(slapi_entry_get_sdn_const(newparententry->ep_entry), &dn_newsuperiordn);
+ if (NULL == dn_newsuperiordn) {
+ dn_newsuperiordn = slapi_sdn_dup(
+ slapi_entry_get_sdn_const(newparententry->ep_entry));
+ } else {
+ slapi_sdn_copy(slapi_entry_get_sdn_const(newparententry->ep_entry),
+ dn_newsuperiordn);
+ }
+ slapi_pblock_set( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, dn_newsuperiordn );
}
slapi_sdn_set_dn_passin(&dn_newdn,
- moddn_get_newdn(pb, &dn_olddn, &dn_newrdn, &dn_newsuperiordn));
+ moddn_get_newdn(pb, sdn, &dn_newrdn, dn_newsuperiordn));
/* Check that we're allowed to add an entry below the new superior */
if ( newparententry == NULL )
{
/* There may not be a new parent because we don't intend there to be one. */
- if(slapi_sdn_get_ndn(&dn_newsuperiordn)!=NULL)
+ if(slapi_sdn_get_ndn(dn_newsuperiordn)!=NULL)
{
/* If the new entry is to be a suffix, and we're root, then it's OK that the new parent doesn't exist */
- if(!(slapi_dn_isbesuffix(pb,slapi_sdn_get_ndn(&dn_newdn)) && isroot))
+ if (!(slapi_be_issuffix(pb->pb_backend, &dn_newdn)) && isroot)
{
/* Here means that we didn't find the parent */
int err = 0;
@@ -405,7 +416,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
"does not exist matched %s, newsuperior = %s\n",
ldap_result_matcheddn == NULL ? "NULL" :
ldap_result_matcheddn,
- slapi_sdn_get_ndn(&dn_newsuperiordn), 0 );
+ slapi_sdn_get_ndn(dn_newsuperiordn), 0 );
slapi_sdn_done(&ancestordn);
goto error_return;
}
@@ -426,7 +437,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if ( parententry == NULL )
{
/* If the entry a suffix, and we're root, then it's OK that the parent doesn't exist */
- if(!(slapi_dn_isbesuffix(pb,slapi_sdn_get_ndn(&dn_olddn)) && isroot))
+ if (!(slapi_be_issuffix(pb->pb_backend, sdn)) && isroot)
{
/* Here means that we didn't find the parent */
ldap_result_matcheddn = "NULL";
@@ -485,7 +496,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if (( cache_add_tentative( &inst->inst_cache, ec, NULL ) != 0 ) &&
/* allow modrdn even if the src dn and dest dn are identical */
( 0 != slapi_sdn_compare((const Slapi_DN *)&dn_newdn,
- (const Slapi_DN *)&dn_olddn)) )
+ (const Slapi_DN *)sdn)) )
{
/* somebody must've created it between dn2entry() and here */
/* JCMREPL - Hmm... we can't permit this to happen...? */
@@ -498,7 +509,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
{
slapi_mods_init(&smods_generated,4);
slapi_mods_init(&smods_generated_wsi,4);
- ldap_result_code = moddn_newrdn_mods(pb, slapi_sdn_get_ndn(&dn_olddn),
+ ldap_result_code = moddn_newrdn_mods(pb, slapi_sdn_get_ndn(sdn),
ec, &smods_generated_wsi, is_replicated_operation);
if (ldap_result_code != LDAP_SUCCESS) {
if (ldap_result_code == LDAP_UNWILLING_TO_PERFORM)
@@ -519,7 +530,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/*
* Update parentid if we have a new superior.
*/
- if(slapi_sdn_get_dn(&dn_newsuperiordn)!=NULL) {
+ if(slapi_sdn_get_dn(dn_newsuperiordn)!=NULL) {
char buf[40]; /* Enough for an ID */
if (parententry != NULL) {
@@ -619,7 +630,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
* If the entry has a new superior then the subordinate count
* of the parents must be updated.
*/
- if(slapi_sdn_get_dn(&dn_newsuperiordn)!=NULL)
+ if(slapi_sdn_get_dn(dn_newsuperiordn)!=NULL)
{
/*
* Update the subordinate count of the parents to reflect the moved child.
@@ -652,12 +663,12 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/* JCM - This is where the subtree lock will appear */
if (entryrdn_get_switch()) /* subtree-rename: on */
{
- children = moddn_get_children(&txn, pb, be, e, &dn_olddn,
+ children = moddn_get_children(&txn, pb, be, e, sdn,
&child_entries, &child_dns);
}
else
{
- children = moddn_get_children(&txn, pb, be, e, &dn_olddn,
+ children = moddn_get_children(&txn, pb, be, e, sdn,
&child_entries, NULL);
}
@@ -781,7 +792,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
}
}
}
- if (slapi_sdn_get_dn(&dn_newsuperiordn)!=NULL)
+ if (slapi_sdn_get_dn(dn_newsuperiordn)!=NULL)
{
/* Push out the db modifications from the parent entry */
retval = modify_update_all(be, pb, &parent_modify_context, &txn);
@@ -826,8 +837,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/*
* Update ancestorid index.
*/
- if (slapi_sdn_get_dn(&dn_newsuperiordn)!=NULL) {
- retval = ldbm_ancestorid_move_subtree(be, &dn_olddn, &dn_newdn, e->ep_id, children, &txn);
+ if (slapi_sdn_get_dn(dn_newsuperiordn)!=NULL) {
+ retval = ldbm_ancestorid_move_subtree(be, sdn, &dn_newdn, e->ep_id, children, &txn);
if (retval != 0) {
if (retval == DB_LOCK_DEADLOCK) continue;
if (retval == DB_RUNRECOVERY || LDBM_OS_ERR_IS_DISKFULL(retval))
@@ -844,9 +855,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
{
Slapi_RDN newsrdn;
slapi_rdn_init_sdn(&newsrdn, (const Slapi_DN *)&dn_newdn);
- rc = entryrdn_rename_subtree(be,
- (const Slapi_DN *)&dn_olddn, &newsrdn,
- (const Slapi_DN *)&dn_newsuperiordn,
+ rc = entryrdn_rename_subtree(be, (const Slapi_DN *)sdn, &newsrdn,
+ (const Slapi_DN *)dn_newsuperiordn,
e->ep_id, &txn);
slapi_rdn_done(&newsrdn);
if (rc) {
@@ -861,7 +871,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
*/
if (!entryrdn_get_switch() && children) /* subtree-rename: off */
{
- retval= moddn_rename_children(&txn, pb, be, children, &dn_olddn,
+ retval= moddn_rename_children(&txn, pb, be, children, sdn,
&dn_newdn, child_entries);
}
if (DB_LOCK_DEADLOCK == retval)
@@ -1100,10 +1110,8 @@ common_return:
if (ldap_result_matcheddn && 0 != strcmp(ldap_result_matcheddn, "NULL"))
slapi_ch_free((void**)&ldap_result_matcheddn);
idl_free(children);
- slapi_sdn_done(&dn_olddn);
slapi_sdn_done(&dn_newdn);
slapi_sdn_done(&dn_newrdn);
- slapi_sdn_done(&dn_newsuperiordn);
slapi_sdn_done(&dn_parentdn);
modify_term(&parent_modify_context,be);
modify_term(&newparent_modify_context,be);
@@ -1118,7 +1126,8 @@ common_return:
slapi_ch_free((void**)&errbuf);
if (retval == 0 && opcsn != NULL && !is_fixup_operation)
{
- slapi_pblock_set(pb, SLAPI_URP_NAMING_COLLISION_DN, slapi_ch_strdup (dn));
+ slapi_pblock_set(pb, SLAPI_URP_NAMING_COLLISION_DN,
+ slapi_ch_strdup(slapi_sdn_get_dn(sdn)));
}
if (pb->pb_conn)
{
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c
index 66ec886..91b0280 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_search.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c
@@ -159,7 +159,6 @@ ldbm_back_search_cleanup(Slapi_PBlock *pb,
int ldap_result,
char* ldap_result_description,
int function_result,
- Slapi_DN *sdn,
struct vlv_request *vlv_request_control,
struct backentry *e)
{
@@ -192,7 +191,6 @@ ldbm_back_search_cleanup(Slapi_PBlock *pb,
delete_search_result_set(&sr);
}
}
- slapi_sdn_done(sdn);
if (vlv_request_control)
{
berval_done(&vlv_request_control->value);
@@ -218,8 +216,8 @@ ldbm_back_search( Slapi_PBlock *pb )
struct ldbminfo *li;
struct backentry *e;
IDList *candidates= NULL;
- char *base;
- Slapi_DN basesdn;
+ const char *base;
+ Slapi_DN *basesdn = NULL;
int scope;
LDAPControl **controls = NULL;
Slapi_Operation *operation;
@@ -254,7 +252,7 @@ ldbm_back_search( Slapi_PBlock *pb )
slapi_pblock_get( pb, SLAPI_BACKEND, &be );
slapi_pblock_get( pb, SLAPI_OPERATION, &operation);
slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &li );
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &basesdn );
slapi_pblock_get( pb, SLAPI_TARGET_ADDRESS, &addr);
slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope );
slapi_pblock_get( pb, SLAPI_REQCONTROLS, &controls );
@@ -263,7 +261,13 @@ ldbm_back_search( Slapi_PBlock *pb )
inst = (ldbm_instance *) be->be_instance_info;
- slapi_sdn_init_dn_ndn_byref(&basesdn,base); /* normalized by front end*/
+ if (NULL == basesdn) {
+ slapi_send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "Null target DN", 0, NULL );
+ return( -1 );
+ }
+ base = slapi_sdn_get_dn(basesdn);
+
/* Initialize the result set structure here because we need to use it during search processing */
/* Beware that if we exit this routine sideways, we might leak this structure */
sr = new_search_result_set( NULL, 0,
@@ -285,8 +289,7 @@ ldbm_back_search( Slapi_PBlock *pb )
/* Badly formed SORT control */
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_PROTOCOL_ERROR, "Sort Control",
- SLAPI_FAIL_GENERAL, &basesdn,
- NULL, NULL);
+ SLAPI_FAIL_GENERAL, NULL, NULL);
}
/* set this operation includes the server side sorting */
operation->o_flags |= OP_FLAG_SERVER_SIDE_SORTING;
@@ -303,8 +306,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
/* Badly formed VLV control */
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, "VLV Control",
- SLAPI_FAIL_GENERAL, &basesdn,
+ r, "VLV Control", SLAPI_FAIL_GENERAL,
&vlv_request_control, NULL);
}
{
@@ -325,8 +327,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
/* Client isn't allowed to do this. */
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, "VLV Control",
- SLAPI_FAIL_GENERAL, &basesdn,
+ r, "VLV Control", SLAPI_FAIL_GENERAL,
&vlv_request_control, NULL);
}
}
@@ -341,8 +342,7 @@ ldbm_back_search( Slapi_PBlock *pb )
/* Can't have a VLV control without a SORT control */
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_SORT_CONTROL_MISSING, "VLV Control",
- SLAPI_FAIL_GENERAL, &basesdn,
- &vlv_request_control, NULL);
+ SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
}
}
}
@@ -395,15 +395,13 @@ ldbm_back_search( Slapi_PBlock *pb )
{
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_UNWILLING_TO_PERFORM, ctrlstr,
- SLAPI_FAIL_GENERAL, &basesdn,
- &vlv_request_control, NULL);
+ SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
}
else
{
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_VIRTUAL_LIST_VIEW_ERROR, ctrlstr,
- SLAPI_FAIL_GENERAL, &basesdn,
- &vlv_request_control, NULL);
+ SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
}
}
else
@@ -418,8 +416,7 @@ ldbm_back_search( Slapi_PBlock *pb )
sort_make_sort_response_control(pb, LDAP_UNWILLING_TO_PERFORM, NULL);
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_UNAVAILABLE_CRITICAL_EXTENSION, ctrlstr,
- SLAPI_FAIL_GENERAL, &basesdn,
- &vlv_request_control, NULL);
+ SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
}
else /* vlv and sorting are not critical, so ignore the control */
{
@@ -453,7 +450,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
/* error or referral sent by find_entry */
return ldbm_back_search_cleanup(pb, li, sort_control,
- -1, NULL, 1, &basesdn, &vlv_request_control, NULL);
+ -1, NULL, 1, &vlv_request_control, NULL);
}
}
@@ -478,21 +475,20 @@ ldbm_back_search( Slapi_PBlock *pb )
*/
if ((NULL != controls) && (sort) && (vlv)) {
/* This candidate list is for vlv, no need for sort only. */
- switch (vlv_search_build_candidate_list(pb, &basesdn, &vlv_rc,
+ switch (vlv_search_build_candidate_list(pb, basesdn, &vlv_rc,
sort_control,
(vlv ? &vlv_request_control : NULL),
&candidates, &vlv_response_control)) {
case VLV_ACCESS_DENIED:
return ldbm_back_search_cleanup(pb, li, sort_control,
vlv_rc, "VLV Control",
- SLAPI_FAIL_GENERAL, &basesdn,
+ SLAPI_FAIL_GENERAL,
&vlv_request_control, e);
case VLV_BLD_LIST_FAILED:
return ldbm_back_search_cleanup(pb, li, sort_control,
vlv_response_control.result,
NULL, SLAPI_FAIL_GENERAL,
- &basesdn, &vlv_request_control,
- e);
+ &vlv_request_control, e);
case LDAP_SUCCESS:
/* Log to the access log the particulars of this sort request */
@@ -513,7 +509,6 @@ ldbm_back_search( Slapi_PBlock *pb )
LDAP_OPERATIONS_ERROR,
"Sort Response Control",
SLAPI_FAIL_GENERAL,
- &basesdn,
&vlv_request_control, e);
}
}
@@ -526,7 +521,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
/* Error result sent by build_candidate_list */
return ldbm_back_search_cleanup(pb, li, sort_control, -1,
- NULL, rc, &basesdn,
+ NULL, rc,
&vlv_request_control, e);
}
/*
@@ -559,7 +554,7 @@ ldbm_back_search( Slapi_PBlock *pb )
IDList *idl = NULL;
Slapi_Filter *filter = NULL;
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter );
- r = vlv_filter_candidates(be, pb, candidates, &basesdn,
+ r = vlv_filter_candidates(be, pb, candidates, basesdn,
scope, filter, &idl,
lookthrough_limit, time_up);
if(r == 0)
@@ -570,7 +565,7 @@ ldbm_back_search( Slapi_PBlock *pb )
else
{
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, NULL, -1, &basesdn,
+ r, NULL, -1,
&vlv_request_control, e);
}
}
@@ -589,7 +584,7 @@ ldbm_back_search( Slapi_PBlock *pb )
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_PROTOCOL_ERROR,
"Sort Response Control", -1,
- &basesdn, &vlv_request_control, e);
+ &vlv_request_control, e);
}
}
else
@@ -630,7 +625,6 @@ ldbm_back_search( Slapi_PBlock *pb )
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_PROTOCOL_ERROR,
"Sort Control", -1,
- &basesdn,
&vlv_request_control, e);
case LDAP_UNWILLING_TO_PERFORM: /* Too hard */
case LDAP_OPERATIONS_ERROR: /* Operation error */
@@ -673,7 +667,7 @@ ldbm_back_search( Slapi_PBlock *pb )
return ldbm_back_search_cleanup(pb, li, sort_control,
(abandoned?-1:LDAP_PROTOCOL_ERROR),
"Sort Response Control", -1,
- &basesdn, &vlv_request_control, e);
+ &vlv_request_control, e);
}
}
}
@@ -700,7 +694,7 @@ ldbm_back_search( Slapi_PBlock *pb )
{
return ldbm_back_search_cleanup(pb, li, sort_control,
vlv_response_control.result,
- NULL, -1, &basesdn,
+ NULL, -1,
&vlv_request_control, e);
}
}
@@ -720,7 +714,7 @@ ldbm_back_search( Slapi_PBlock *pb )
return ldbm_back_search_cleanup(pb, li, sort_control,
(abandoned?-1:LDAP_PROTOCOL_ERROR),
"VLV Response Control", -1,
- &basesdn, &vlv_request_control, e);
+ &vlv_request_control, e);
}
/* Log the VLV operation */
vlv_print_access_log(pb,&vlv_request_control,&vlv_response_control);
@@ -783,7 +777,7 @@ ldbm_back_search( Slapi_PBlock *pb )
/* Fix for bugid #394184, SD, 05 Jul 00 */
/* tmp_err == -1: no error */
return ldbm_back_search_cleanup(pb, li, sort_control, tmp_err, tmp_desc,
- (tmp_err == -1 ? 0 : -1), &basesdn,
+ (tmp_err == -1 ? 0 : -1),
&vlv_request_control, NULL);
/* end Fix for bugid #394184 */
}
@@ -1205,7 +1199,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
int managedsait;
Slapi_Attr *attr;
Slapi_Filter *filter;
- char *base;
+ const char *base;
back_search_result_set *sr;
ID id;
struct backentry *e;
@@ -1214,7 +1208,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
int tlimit, llimit, slimit, isroot;
struct berval **urls = NULL;
int err;
- Slapi_DN basesdn = {0};
+ Slapi_DN *basesdn = NULL;
char *target_uniqueid;
int rc = 0;
int estimate = 0; /* estimated search result count */
@@ -1225,7 +1219,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope );
slapi_pblock_get( pb, SLAPI_MANAGEDSAIT, &managedsait );
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter );
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base );
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &basesdn );
slapi_pblock_get( pb, SLAPI_NENTRIES, &nentries );
slapi_pblock_get( pb, SLAPI_SEARCH_SIZELIMIT, &slimit );
slapi_pblock_get( pb, SLAPI_SEARCH_TIMELIMIT, &tlimit );
@@ -1240,6 +1234,13 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
goto bail;
}
+ if (NULL == basesdn) {
+ slapi_send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "Null target DN", 0, NULL );
+ return( -1 );
+ }
+ base = slapi_sdn_get_dn(basesdn);
+
if (sr->sr_current_sizelimit >= 0) {
/*
* sr_current_sizelimit contains the current sizelimit.
@@ -1254,7 +1255,10 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
inst = (ldbm_instance *) be->be_instance_info;
- slapi_sdn_init_dn_ndn_byref(&basesdn,base); /* normalized by front end */
+ if (NULL == basesdn) {
+ basesdn = slapi_sdn_new_normdn_byref(base);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, basesdn);
+ }
/* Return to the cache the entry we handed out last time */
/* If we are using the extension, the front end will tell
* us when to do this so we don't do it now */
@@ -1399,7 +1403,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
char ebuf[ BUFSIZ ];
LDAPDebug( LDAP_DEBUG_ANY, "null ref in (%s)\n", escape_string( backentry_get_ndn(e), ebuf ), 0, 0 );
}
- else if ( slapi_sdn_scope_test( backentry_get_sdn(e), &basesdn, scope ))
+ else if ( slapi_sdn_scope_test( backentry_get_sdn(e), basesdn, scope ))
{
if ( use_extension ) {
slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY_EXT, e );
@@ -1473,7 +1477,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
* just forget about it, since we don't want to return anything at all. */
{
if ( slapi_uniqueIDCompareString(target_uniqueid, e->ep_entry->e_uniqueid) ||
- slapi_sdn_scope_test( backentry_get_sdn(e), &basesdn, scope ))
+ slapi_sdn_scope_test( backentry_get_sdn(e), basesdn, scope ))
{
/* check size limit */
if ( slimit >= 0 )
@@ -1540,7 +1544,6 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension )
}
}
bail:
- slapi_sdn_done(&basesdn);
return rc;
}
diff --git a/ldap/servers/slapd/back-ldbm/ldif2ldbm.c b/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
index 4427a43..21b00fe 100644
--- a/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
+++ b/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
@@ -137,29 +137,18 @@ int ldbm_back_fetch_incl_excl(Slapi_PBlock *pb, char ***include,
char ***exclude)
{
char **pb_incl, **pb_excl;
- char subtreeDn[BUFSIZ];
- char *normSubtreeDn;
- int i;
slapi_pblock_get(pb, SLAPI_LDIF2DB_INCLUDE, &pb_incl);
slapi_pblock_get(pb, SLAPI_LDIF2DB_EXCLUDE, &pb_excl);
+ if ((NULL == include) || (NULL == exclude)) {
+ return 0;
+ }
*include = *exclude = NULL;
- /* normalize */
- if (pb_excl) {
- for (i = 0; pb_excl[i]; i++) {
- PL_strncpyz(subtreeDn, pb_excl[i], sizeof(subtreeDn));
- normSubtreeDn = slapi_dn_normalize_case(subtreeDn);
- charray_add(exclude, slapi_ch_strdup(normSubtreeDn));
- }
- }
- if (pb_incl) {
- for (i = 0; pb_incl[i]; i++) {
- PL_strncpyz(subtreeDn, pb_incl[i], sizeof(subtreeDn));
- normSubtreeDn = slapi_dn_normalize_case(subtreeDn);
- charray_add(include, slapi_ch_strdup(normSubtreeDn));
- }
- }
+ /* pb_incl/excl are both normalized */
+ *exclude = slapi_ch_array_dup(pb_excl);
+ *include = slapi_ch_array_dup(pb_incl);
+
return (pb_incl || pb_excl);
}
@@ -1423,7 +1412,6 @@ ldbm_back_ldbm2ldif( Slapi_PBlock *pb )
ep = backentry_alloc();
if (entryrdn_get_switch()) {
char *rdn = NULL;
- int rc = 0;
/* rdn is allocated in get_value_from_string */
rc = get_value_from_string((const char *)data.dptr, "rdn", &rdn);
@@ -1900,9 +1888,9 @@ ldbm_back_ldbm2index(Slapi_PBlock *pb)
/* create suffix list */
for (vlvidx = 0; vlvidx < numvlv; vlvidx++) {
- char *s = slapi_ch_strdup(slapi_sdn_get_dn(vlvIndex_getBase(pvlv[vlvidx])));
-
- s = slapi_dn_normalize_case(s);
+ char *s =
+ slapi_ch_strdup(slapi_sdn_get_ndn(vlvIndex_getBase(pvlv[vlvidx])));
+ /* 's' is passed in */
charray_add(&suffix_list, s);
}
idl = ldbm_fetch_subtrees(be, suffix_list, &err);
diff --git a/ldap/servers/slapd/back-ldbm/misc.c b/ldap/servers/slapd/back-ldbm/misc.c
index 6e350c9..78f1ed3 100644
--- a/ldap/servers/slapd/back-ldbm/misc.c
+++ b/ldap/servers/slapd/back-ldbm/misc.c
@@ -425,7 +425,8 @@ ldbm_txn_ruv_modify_context( Slapi_PBlock *pb, modify_context *mc )
slapi_pblock_get( pb, SLAPI_BACKEND, &be);
- bentry_addr.dn = NULL;
+ bentry_addr.sdn = NULL;
+ bentry_addr.udn = NULL;
bentry_addr.uniqueid = uniqueid;
/* Note: if we find the bentry, it will stay locked until someone calls
diff --git a/ldap/servers/slapd/back-ldbm/vlv_srch.c b/ldap/servers/slapd/back-ldbm/vlv_srch.c
index c160507..d7e28c1 100644
--- a/ldap/servers/slapd/back-ldbm/vlv_srch.c
+++ b/ldap/servers/slapd/back-ldbm/vlv_srch.c
@@ -189,7 +189,7 @@ vlvSearch_init(struct vlvSearch* p, Slapi_PBlock *pb, const Slapi_Entry *e, ldbm
slapi_pblock_set(pb, SLAPI_PLUGIN, inst->inst_be->be_database);
slapi_pblock_get(pb, SLAPI_TXN, &txn.back_txn_txn);
- addr.dn = (char*)slapi_sdn_get_ndn (p->vlv_base);
+ addr.sdn = p->vlv_base;
addr.uniqueid = NULL;
e = find_entry( pb, inst->inst_be, &addr, &txn );
/* Check to see if the entry is absent. If it is, mark this search
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index 9670de2..12d6650 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -124,12 +124,13 @@ do_bind( Slapi_PBlock *pb )
int auth_response_requested = 0;
int pw_response_requested = 0;
char *rawdn = NULL;
- char *dn = NULL, *saslmech = NULL;
+ const char *dn = NULL;
+ char *saslmech = NULL;
struct berval cred = {0};
Slapi_Backend *be = NULL;
ber_tag_t ber_rc;
int rc = 0;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_Entry *referral;
char errorbuf[BUFSIZ];
char **supported, **pmech;
@@ -137,8 +138,6 @@ do_bind( Slapi_PBlock *pb )
Slapi_Entry *bind_target_entry = NULL;
int auto_bind = 0;
int minssf = 0;
- char *test_bind_dn = NULL;
- size_t dnlen = 0;
LDAPDebug( LDAP_DEBUG_TRACE, "do_bind\n", 0, 0, 0 );
@@ -174,7 +173,7 @@ do_bind( Slapi_PBlock *pb )
return;
}
/* Check if we should be performing strict validation. */
- if (config_get_dn_validate_strict()) {
+ if (rawdn && config_get_dn_validate_strict()) {
/* check that the dn is formatted correctly */
rc = slapi_dn_syntax_check(pb, rawdn, 1);
if (rc) { /* syntax check failed */
@@ -186,27 +185,21 @@ do_bind( Slapi_PBlock *pb )
return;
}
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "BIND", rawdn?rawdn:"",
- "invalid bind dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid bind dn", 0, NULL);
- slapi_ch_free_string(&rawdn);
+ sdn = slapi_sdn_new_dn_passin(rawdn);
+ dn = slapi_sdn_get_dn(sdn);
+ if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "BIND", rawdn, "invalid bind dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid bind dn", 0, NULL);
+ slapi_sdn_free(&sdn);
return;
- } else if (rc > 0) { /* if rc == 0, rawdn is passed in */
- slapi_ch_free_string(&rawdn);
- } else { /* rc == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
}
-
- slapi_sdn_init_dn_passin(&sdn, dn);
-
LDAPDebug( LDAP_DEBUG_TRACE, "BIND dn=\"%s\" method=%d version=%d\n",
- dn, method, version );
+ dn?dn:"empty", method, version );
/* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (pb->pb_op, &sdn);
+ operation_set_target_spec (pb->pb_op, sdn);
switch ( method ) {
case LDAP_AUTH_SASL:
@@ -214,7 +207,7 @@ do_bind( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY,
"got SASL credentials from LDAPv2 client\n",
0, 0, 0 );
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method, version, saslmech, "SASL credentials only in LDAPv3");
+ log_bind_access (pb, dn?dn:"empty", method, version, saslmech, "SASL credentials only in LDAPv3");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"SASL credentials only in LDAPv3", 0, NULL );
goto free_and_return;
@@ -243,7 +236,7 @@ do_bind( Slapi_PBlock *pb )
"LDAPv2-style kerberos authentication received "
"on LDAPv3 connection.";
LDAPDebug( LDAP_DEBUG_ANY, kmsg, 0, 0, 0 );
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method, version, saslmech, kmsg);
+ log_bind_access (pb, dn?dn:"empty", method, version, saslmech, kmsg);
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
kmsg, 0, NULL );
goto free_and_return;
@@ -256,7 +249,7 @@ do_bind( Slapi_PBlock *pb )
}
break;
default:
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method, version, saslmech, "Unknown bind method");
+ log_bind_access (pb, dn?dn:"empty", method, version, saslmech, "Unknown bind method");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"Unknown bind method", 0, NULL );
goto free_and_return;
@@ -265,7 +258,7 @@ do_bind( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY,
"ber_scanf failed (op=Bind; params=Credentials)\n",
0, 0, 0 );
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method, version, saslmech, "decoding error");
+ log_bind_access (pb, dn?dn:"empty", method, version, saslmech, "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"decoding error", 0, NULL );
goto free_and_return;
@@ -284,7 +277,7 @@ do_bind( Slapi_PBlock *pb )
if (( err = get_ldapmessage_controls( pb, ber, &reqctrls ))
!= 0 ) {
- log_bind_access (pb, slapi_sdn_get_dn (&sdn), method,
+ log_bind_access (pb, dn?dn:"empty", method,
version, saslmech, "failed to parse LDAP controls");
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
@@ -316,8 +309,8 @@ do_bind( Slapi_PBlock *pb )
{
auto_bind = 1; /* flag the bind method */
dn = slapi_ch_strdup(pb->pb_conn->c_dn);
- slapi_sdn_done(&sdn);
- slapi_sdn_init_dn_passin(&sdn,dn);
+ slapi_sdn_free(&sdn);
+ sdn = slapi_sdn_new_dn_passin(dn);
}
}
#endif /* ENABLE_AUTOBIND */
@@ -330,7 +323,7 @@ do_bind( Slapi_PBlock *pb )
pb->pb_conn->c_needpw = 0;
PR_Unlock( pb->pb_conn->c_mutex );
- log_bind_access(pb, dn, method, version, saslmech, NULL);
+ log_bind_access(pb, dn?dn:"empty", method, version, saslmech, NULL);
switch ( version ) {
case LDAP_VERSION2:
@@ -372,9 +365,9 @@ do_bind( Slapi_PBlock *pb )
version, method, dn );
pb->pb_conn->c_ldapversion = version;
- isroot = slapi_dn_isroot( slapi_sdn_get_ndn(&sdn) );
+ isroot = slapi_dn_isroot( slapi_sdn_get_ndn(sdn) );
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &isroot );
- slapi_pblock_set( pb, SLAPI_BIND_TARGET, (void*)slapi_sdn_get_ndn(&sdn) );
+ slapi_pblock_set( pb, SLAPI_BIND_TARGET_SDN, (void*)sdn );
slapi_pblock_set( pb, SLAPI_BIND_METHOD, &method );
slapi_pblock_set( pb, SLAPI_BIND_SASLMECHANISM, saslmech );
slapi_pblock_set( pb, SLAPI_BIND_CREDENTIALS, &cred );
@@ -613,9 +606,9 @@ do_bind( Slapi_PBlock *pb )
slapi_value_init_berval(&cv,&cred);
/* right dn and passwd - authorize */
- if ( is_root_dn_pw( slapi_sdn_get_ndn(&sdn), &cv )) {
+ if ( is_root_dn_pw( slapi_sdn_get_ndn(sdn), &cv )) {
bind_credentials_set( pb->pb_conn, SLAPD_AUTH_SIMPLE,
- slapi_ch_strdup( slapi_sdn_get_ndn(&sdn) ),
+ slapi_ch_strdup( slapi_sdn_get_ndn(sdn) ),
NULL, NULL, NULL , NULL);
/* right dn, wrong passwd - reject with invalid creds */
@@ -635,7 +628,7 @@ do_bind( Slapi_PBlock *pb )
if ( auth_response_requested ) {
slapi_add_auth_response_control( pb,
( cred.bv_len == 0 ) ? "" :
- slapi_sdn_get_ndn(&sdn));
+ slapi_sdn_get_ndn(sdn));
}
send_ldap_result( pb, LDAP_SUCCESS, NULL, NULL, 0, NULL );
@@ -687,7 +680,7 @@ do_bind( Slapi_PBlock *pb )
/* get the entry now, so that we can give it to slapi_check_account_lock and reslimit_update_from_dn */
if (! slapi_be_is_flag_set(be, SLAPI_BE_FLAG_REMOTE_DATA)) {
- bind_target_entry = get_entry(pb, slapi_sdn_get_ndn(&sdn));
+ bind_target_entry = get_entry(pb, slapi_sdn_get_ndn(sdn));
rc = slapi_check_account_lock ( pb, bind_target_entry, pw_response_requested, 1, 1);
}
@@ -730,11 +723,11 @@ do_bind( Slapi_PBlock *pb )
if(!auto_bind)
bind_credentials_set( pb->pb_conn,
authtype, slapi_ch_strdup(
- slapi_sdn_get_ndn(&sdn)),
+ slapi_sdn_get_ndn(sdn)),
NULL, NULL, NULL, bind_target_entry );
if ( auth_response_requested ) {
slapi_add_auth_response_control( pb,
- slapi_sdn_get_ndn(&sdn));
+ slapi_sdn_get_ndn(sdn));
}
} else { /* anonymous */
/* set bind creds here so anonymous limits are set */
@@ -803,16 +796,12 @@ do_bind( Slapi_PBlock *pb )
free_and_return:;
if (be)
slapi_be_Unlock(be);
- slapi_pblock_get(pb, SLAPI_BIND_TARGET, &test_bind_dn);
- if (test_bind_dn != slapi_sdn_get_ndn(&sdn)) {
- /* set in sasl bind or some other bind plugin */
- slapi_ch_free_string(&test_bind_dn);
- }
- slapi_sdn_done(&sdn);
+ slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
slapi_ch_free_string( &saslmech );
slapi_ch_free( (void **)&cred.bv_val );
- if ( bind_target_entry != NULL )
- slapi_entry_free(bind_target_entry);
+ if ( bind_target_entry != NULL )
+ slapi_entry_free(bind_target_entry);
}
diff --git a/ldap/servers/slapd/bulk_import.c b/ldap/servers/slapd/bulk_import.c
index 717ff47..cb35988 100644
--- a/ldap/servers/slapd/bulk_import.c
+++ b/ldap/servers/slapd/bulk_import.c
@@ -67,7 +67,7 @@ static int process_bulk_import_op (Slapi_PBlock *pb, int state, Slapi_Entry *e);
SLAPI_CONNECTION -- connection over which bulk import is coming
SLAPI_BACKEND -- the backend being imported
or
- SLAPI_TARGET_DN that contains root of the imported area.
+ SLAPI_TARGET_SDN that contains root of the imported area.
The function returns LDAP_SUCCESS or LDAP error code
*/
@@ -80,7 +80,7 @@ int slapi_start_bulk_import (Slapi_PBlock *pb)
SLAPI_CONNECTION -- connection over which bulk import is coming
SLAPI_BACKEND -- the backend being imported
or
- SLAPI_TARGET_DN that contains root of the imported area.
+ SLAPI_TARGET_SDN that contains root of the imported area.
The function returns LDAP_SUCCESS or LDAP error code
*/
int slapi_stop_bulk_import (Slapi_PBlock *pb)
@@ -103,9 +103,7 @@ process_bulk_import_op (Slapi_PBlock *pb, int state, Slapi_Entry *e)
{
int rc;
Slapi_Backend *be = NULL;
- char *dn = NULL;
- Slapi_DN sdn;
- const Slapi_DN *target_sdn = NULL;
+ Slapi_DN *target_sdn = NULL;
if (pb == NULL)
{
@@ -125,29 +123,27 @@ process_bulk_import_op (Slapi_PBlock *pb, int state, Slapi_Entry *e)
/* try to get dn to select backend */
if (e)
{
- target_sdn = slapi_entry_get_sdn_const (e);
- be = slapi_be_select (target_sdn);
+ target_sdn = slapi_entry_get_sdn(e);
}
else
{
- slapi_sdn_init(&sdn);
- slapi_pblock_get (pb, SLAPI_TARGET_DN, &dn);
- if (dn)
- {
- slapi_sdn_init_dn_byref(&sdn, dn);
- be = slapi_be_select (&sdn);
- target_sdn = &sdn;
+ slapi_pblock_get (pb, SLAPI_TARGET_SDN, &target_sdn);
+ if (NULL == target_sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "process_bulk_import_op: NULL target sdn\n");
+ return LDAP_OPERATIONS_ERROR;
}
}
+ be = slapi_be_select (target_sdn);
if (be)
{
- if (state == SLAPI_BI_STATE_START && (!slapi_be_issuffix(be, target_sdn)))
- {
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
- "process_bulk_import_op: wrong backend suffix\n");
- return LDAP_OPERATIONS_ERROR;
- }
+ if (state == SLAPI_BI_STATE_START && (!slapi_be_issuffix(be, target_sdn)))
+ {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "process_bulk_import_op: wrong backend suffix\n");
+ return LDAP_OPERATIONS_ERROR;
+ }
slapi_pblock_set (pb, SLAPI_BACKEND, be);
}
else
@@ -155,9 +151,6 @@ process_bulk_import_op (Slapi_PBlock *pb, int state, Slapi_Entry *e)
slapi_log_error(SLAPI_LOG_FATAL, NULL, "process_bulk_import_op: NULL backend\n");
return LDAP_OPERATIONS_ERROR;
}
-
- if (NULL == e)
- slapi_sdn_done (&sdn);
}
if (be->be_wire_import == NULL)
diff --git a/ldap/servers/slapd/compare.c b/ldap/servers/slapd/compare.c
index 578d826..b5b28fb 100644
--- a/ldap/servers/slapd/compare.c
+++ b/ldap/servers/slapd/compare.c
@@ -66,8 +66,7 @@ do_compare( Slapi_PBlock *pb )
{
BerElement *ber = pb->pb_op->o_ber;
char *rawdn = NULL;
- char *dn = NULL;
- size_t len = 0;
+ const char *dn = NULL;
struct ava ava = {0};
Slapi_Backend *be = NULL;
int err;
@@ -118,18 +117,16 @@ do_compare( Slapi_PBlock *pb )
return;
}
}
- err = slapi_dn_normalize_ext(rawdn, 0, &dn, &len);
- if (err < 0) {
- op_shared_log_error_access(pb, "CMP", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free((void **) &rawdn);
- return;
- } else if (err > 0) { /* if rc == 0, rawdn is passed in */
- slapi_ch_free((void **) &rawdn);
- } else { /* rc == 0; rawdn is passed in; not null terminated */
- *(dn + len) = '\0';
- }
+ slapi_sdn_init_dn_passin(&sdn, rawdn);
+ dn = slapi_sdn_get_dn(&sdn);
+ if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "CMP", rawdn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid dn", 0, NULL);
+ slapi_sdn_done(&sdn);
+ return;
+ }
/*
* in LDAPv3 there can be optional control extensions on
* the end of an LDAPMessage. we need to read them in and
@@ -139,19 +136,17 @@ do_compare( Slapi_PBlock *pb )
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
}
- slapi_sdn_init_dn_passin(&sdn,dn);
- dn = NULL; /* do not free - sdn owns it now */
/* target spec is used to decide which plugins are applicable for the operation */
operation_set_target_spec (pb->pb_op, &sdn);
LDAPDebug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s)\n",
- dn, ava.ava_type, 0 );
+ rawdn, ava.ava_type, 0 );
slapi_log_access( LDAP_DEBUG_STATS,
"conn=%" NSPRIu64 " op=%d CMP dn=\"%s\" attr=\"%s\"\n",
pb->pb_conn->c_connid, pb->pb_op->o_opid,
- escape_string( dn, ebuf ), ava.ava_type );
+ escape_string( rawdn, ebuf ), ava.ava_type );
/*
* We could be serving multiple database backends. Select the
@@ -188,7 +183,9 @@ do_compare( Slapi_PBlock *pb )
isroot = pb->pb_op->o_isroot;
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &isroot );
- slapi_pblock_set( pb, SLAPI_COMPARE_TARGET, (void*)slapi_sdn_get_ndn(&sdn) );
+ /* EXCEPTION: compare target does not allocate memory. */
+ /* target never be modified by plugins. */
+ slapi_pblock_set( pb, SLAPI_COMPARE_TARGET_SDN, (void*)&sdn );
slapi_pblock_set( pb, SLAPI_COMPARE_TYPE, ava.ava_type);
slapi_pblock_set( pb, SLAPI_COMPARE_VALUE, &ava.ava_value );
/*
@@ -216,6 +213,5 @@ free_and_return:;
if (be)
slapi_be_Unlock(be);
slapi_sdn_done(&sdn);
- slapi_ch_free_string(&dn);
ava_done( &ava );
}
diff --git a/ldap/servers/slapd/delete.c b/ldap/servers/slapd/delete.c
index fa7dbe3..693efa1 100644
--- a/ldap/servers/slapd/delete.c
+++ b/ldap/servers/slapd/delete.c
@@ -72,8 +72,6 @@ do_delete( Slapi_PBlock *pb )
Slapi_Operation *operation;
BerElement *ber;
char *rawdn = NULL;
- char *dn = NULL;
- size_t dnlen = 0;
int err = 0;
LDAPDebug( LDAP_DEBUG_TRACE, "do_delete\n", 0, 0, 0 );
@@ -107,22 +105,9 @@ do_delete( Slapi_PBlock *pb )
"strict: invalid dn");
send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
NULL, "invalid dn", 0, NULL);
- slapi_ch_free_string(&rawdn);
goto free_and_return;
}
}
- err = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (err < 0) {
- op_shared_log_error_access(pb, "DEL", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free_string(&rawdn);
- goto free_and_return;
- } else if (err > 0) { /* if err == 0, rawdn is passed in */
- slapi_ch_free_string(&rawdn);
- } else { /* err == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
- }
/*
* in LDAPv3 there can be optional control extensions on
@@ -130,20 +115,20 @@ do_delete( Slapi_PBlock *pb )
* pass them to the backend.
*/
if ( (err = get_ldapmessage_controls( pb, ber, NULL )) != 0 ) {
- op_shared_log_error_access (pb, "DEL", dn, "decoding error");
+ op_shared_log_error_access (pb, "DEL", rawdn, "decoding error");
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
}
- LDAPDebug( LDAP_DEBUG_ARGS, "do_delete: dn (%s)\n", dn, 0, 0 );
-
+ LDAPDebug1Arg( LDAP_DEBUG_ARGS, "do_delete: dn (%s)\n", rawdn );
+
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &pb->pb_op->o_isroot );
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn);
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, rawdn);
op_shared_delete (pb);
free_and_return:;
- slapi_ch_free ((void**)&dn);
+ slapi_ch_free ((void**)&rawdn);
}
/* This function is used to issue internal delete operation
@@ -158,7 +143,7 @@ slapi_delete_internal(const char *idn, LDAPControl **controls, int dummy)
int opresult;
pblock_init (&pb);
-
+
slapi_delete_internal_set_pb (&pb, idn, controls, NULL, plugin_get_default_component_id(), 0);
delete_internal_pb (&pb);
@@ -201,22 +186,26 @@ int slapi_delete_internal_pb (Slapi_PBlock *pb)
}
/* Initialize a pblock for a call to slapi_delete_internal_pb() */
-void slapi_delete_internal_set_pb (Slapi_PBlock *pb, const char *dn, LDAPControl **controls, const char *uniqueid,
- Slapi_ComponentId *plugin_identity, int operation_flags)
+void
+slapi_delete_internal_set_pb (Slapi_PBlock *pb,
+ const char *rawdn,
+ LDAPControl **controls, const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
{
Operation *op;
PR_ASSERT (pb != NULL);
- if (pb == NULL || dn == NULL)
+ if (pb == NULL || rawdn == NULL)
{
slapi_log_error(SLAPI_LOG_FATAL, NULL,
"slapi_delete_internal_set_pb: NULL parameter\n");
return;
}
- op = internal_operation_new(SLAPI_OPERATION_DELETE,operation_flags);
+ op = internal_operation_new(SLAPI_OPERATION_DELETE,operation_flags);
slapi_pblock_set(pb, SLAPI_OPERATION, op);
- slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET, (void*)dn);
- slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET, (void*)rawdn);
+ slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
if (uniqueid)
{
slapi_pblock_set(pb, SLAPI_TARGET_UNIQUEID, (void*)uniqueid);
@@ -259,11 +248,12 @@ static int delete_internal_pb (Slapi_PBlock *pb)
static void op_shared_delete (Slapi_PBlock *pb)
{
- char *dn;
+ char *rawdn = NULL;
+ const char *dn = NULL;
Slapi_Backend *be = NULL;
char ebuf[ BUFSIZ ];
int internal_op;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_Operation *operation;
Slapi_Entry *referral;
Slapi_Entry *ecopy = NULL;
@@ -274,15 +264,23 @@ static void op_shared_delete (Slapi_PBlock *pb)
int proxy_err = LDAP_SUCCESS;
char *errtext = NULL;
- slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET, &dn);
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET, &rawdn);
slapi_pblock_get(pb, SLAPI_OPERATION, &operation);
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
- slapi_sdn_init_dn_byref(&sdn,dn);
- slapi_pblock_set(pb, SLAPI_DELETE_TARGET, (void*)slapi_sdn_get_ndn (&sdn));
+ sdn = slapi_sdn_new_dn_byval(rawdn);
+ dn = slapi_sdn_get_dn(sdn);
+ slapi_pblock_set(pb, SLAPI_DELETE_TARGET_SDN, (void*)sdn);
+ if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "DEL", rawdn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
+ NULL, "invalid dn", 0, NULL);
+ goto free_and_return;
+ }
/* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (operation, &sdn);
+ operation_set_target_spec (operation, sdn);
/* get the proxy auth dn if the proxy auth control is present */
proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext);
@@ -299,7 +297,7 @@ static void op_shared_delete (Slapi_PBlock *pb)
slapi_log_access(LDAP_DEBUG_STATS, "conn=%" NSPRIu64 " op=%d DEL dn=\"%s\"%s\n",
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
- escape_string(dn, ebuf),
+ escape_string(slapi_sdn_get_dn(sdn), ebuf),
proxystr ? proxystr: "");
}
else
@@ -307,7 +305,7 @@ static void op_shared_delete (Slapi_PBlock *pb)
slapi_log_access(LDAP_DEBUG_ARGS, "conn=%s op=%d DEL dn=\"%s\"%s\n",
LOG_INTERNAL_OP_CON_ID,
LOG_INTERNAL_OP_OP_ID,
- escape_string(dn, ebuf),
+ escape_string(slapi_sdn_get_dn(sdn), ebuf),
proxystr ? proxystr: "");
}
}
@@ -398,6 +396,7 @@ free_and_return:
slapi_be_Unlock(be);
}
{
+ char *coldn = NULL;
Slapi_Entry *epre = NULL, *eparent = NULL;
slapi_pblock_get(pb, SLAPI_ENTRY_PRE_OP, &epre);
slapi_pblock_get(pb, SLAPI_DELETE_GLUE_PARENT_ENTRY, &eparent);
@@ -408,10 +407,12 @@ free_and_return:
}
slapi_entry_free(epre);
slapi_entry_free(eparent);
+ slapi_pblock_get(pb, SLAPI_URP_NAMING_COLLISION_DN, &coldn);
+ slapi_ch_free_string(&coldn);
}
- slapi_pblock_get(pb, SLAPI_URP_NAMING_COLLISION_DN, &dn);
- slapi_ch_free((void **)&dn);
- slapi_sdn_done(&sdn);
+
+ slapi_pblock_get(pb, SLAPI_DELETE_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
slapi_ch_free_string(&proxydn);
slapi_ch_free_string(&proxystr);
}
diff --git a/ldap/servers/slapd/dn.c b/ldap/servers/slapd/dn.c
index 1912f70..e5b9db9 100644
--- a/ldap/servers/slapd/dn.c
+++ b/ldap/servers/slapd/dn.c
@@ -190,7 +190,6 @@ substr_dn_normalize_orig( char *dn, char *end )
char *d = NULL;
char *s = NULL;
char *typestart = NULL;
- char *rdnbegin = NULL;
char *lastesc = NULL;
int gotesc = 0;
int state = B4TYPE;
@@ -231,7 +230,6 @@ substr_dn_normalize_orig( char *dn, char *end )
value_separator = NULL;
value = d;
state = ( *s == '"' ) ? INQUOTEDVALUE : INVALUE1ST;
- rdnbegin = d;
lastesc = NULL;
*d++ = *s;
}
@@ -545,6 +543,9 @@ slapi_dn_normalize_ext(char *src, size_t src_len, char **dest, size_t *dest_len)
rc = 0;
}
}
+ if (0 == src_len) { /* src == "" */
+ goto bail;
+ }
ends = src + src_len;
endd = *dest + *dest_len;
@@ -1041,7 +1042,7 @@ slapi_dn_normalize_ext(char *src, size_t src_len, char **dest, size_t *dest_len)
break;
default:
LDAPDebug( LDAP_DEBUG_ANY,
- "slapi_dn_normalize - unknown state %d\n", state, 0, 0 );
+ "slapi_dn_normalize_ext - unknown state %d\n", state, 0, 0 );
break;
}
}
@@ -1116,6 +1117,39 @@ slapi_create_dn_string(const char *fmt, ...)
return dest;
}
+char *
+slapi_create_rdn_value(const char *fmt, ...)
+{
+ char *src = NULL;
+ char *dest = NULL;
+ size_t dest_len = 0;
+ va_list ap;
+ int rc = 0;
+ char *dnfmt;
+
+ if (NULL == fmt) {
+ return NULL;
+ }
+
+ dnfmt = slapi_ch_smprintf("cn=%s", fmt);
+ va_start(ap, fmt);
+ src = PR_vsmprintf(dnfmt, ap);
+ va_end(ap);
+ slapi_ch_free_string(&dnfmt);
+
+ rc = slapi_dn_normalize_ext(src, strlen(src), &dest, &dest_len);
+ if (rc == 0) { /* src is passed in. */
+ *(dest + dest_len) = '\0';
+ dest = slapi_ch_strdup(dest + 3);
+ } else if (rc > 0) {
+ char *odest = dest;
+ dest = slapi_ch_strdup(dest + 3);
+ slapi_ch_free_string(&odest);
+ }
+ slapi_ch_free_string(&src);
+ return dest;
+}
+
/*
* Append previous AV to the attribute value array if multivalued RDN.
* We use a stack based array at first and if we overflow that, we
@@ -1370,12 +1404,13 @@ dn_ignore_case_to_end( char *dn, char *end )
* slapi_dn_normalize_case - put dn into a canonical form suitable for storing
* in a hash database. this involves normalizing the case as well as
* the format. the dn is normalized in place as well as returned.
+ * (DEPRECATED)
*/
char *
slapi_dn_normalize_case( char *dn )
{
- /* normalize format */
+ /* normalize format (DEPRECATED) noop */
slapi_dn_normalize( dn );
/* normalize case */
@@ -1698,6 +1733,9 @@ PR_DEFINE_COUNTER(slapi_sdn_counter_dn_exist);
PR_DEFINE_COUNTER(slapi_sdn_counter_ndn_created);
PR_DEFINE_COUNTER(slapi_sdn_counter_ndn_deleted);
PR_DEFINE_COUNTER(slapi_sdn_counter_ndn_exist);
+PR_DEFINE_COUNTER(slapi_sdn_counter_udn_created);
+PR_DEFINE_COUNTER(slapi_sdn_counter_udn_deleted);
+PR_DEFINE_COUNTER(slapi_sdn_counter_udn_exist);
static void
sdn_create_counters()
@@ -1711,12 +1749,16 @@ sdn_create_counters()
PR_CREATE_COUNTER(slapi_sdn_counter_ndn_created,"Slapi_DN","internal_ndn_created","");
PR_CREATE_COUNTER(slapi_sdn_counter_ndn_deleted,"Slapi_DN","internal_ndn_deleted","");
PR_CREATE_COUNTER(slapi_sdn_counter_ndn_exist,"Slapi_DN","internal_ndn_exist","");
+ PR_CREATE_COUNTER(slapi_sdn_counter_udn_created,"Slapi_DN","internal_udn_created","");
+ PR_CREATE_COUNTER(slapi_sdn_counter_udn_deleted,"Slapi_DN","internal_udn_deleted","");
+ PR_CREATE_COUNTER(slapi_sdn_counter_udn_exist,"Slapi_DN","internal_udn_exist","");
counters_created= 1;
}
#define FLAG_ALLOCATED 0
#define FLAG_DN 1
#define FLAG_NDN 2
+#define FLAG_UDN 3
Slapi_DN *
slapi_sdn_new()
@@ -1730,10 +1772,18 @@ slapi_sdn_new()
return sdn;
}
+/*
+ * WARNING:
+ * Do not call slapi_sdn_init and its sibling APIs against Slapi_DN
+ * allocated by slapi_sdn_new. slapi_sdn_init clears all bits in the flag.
+ * If sdn is allocated by slapi_sdn_new, the FLAG_ALLOCATED bit is cleared
+ * and slapi_sdn_free won't free Slapi_DN.
+ */
Slapi_DN *
slapi_sdn_init(Slapi_DN *sdn)
{
sdn->flag= 0;
+ sdn->udn= NULL;
sdn->dn= NULL;
sdn->ndn= NULL;
sdn->ndn_len=0;
@@ -1748,7 +1798,7 @@ Slapi_DN *
slapi_sdn_init_dn_byref(Slapi_DN *sdn,const char *dn)
{
slapi_sdn_init(sdn);
- slapi_sdn_set_dn_byref(sdn,dn);
+ slapi_sdn_set_dn_byref(sdn, dn);
return sdn;
}
@@ -1768,20 +1818,33 @@ slapi_sdn_init_dn_passin(Slapi_DN *sdn,const char *dn)
return sdn;
}
-/* use when dn is normalized previously */
+/* use when dn is already normalized (but case is yet touched) */
Slapi_DN *
-slapi_sdn_init_dn_ndn_byref(Slapi_DN *sdn,const char *dn) {
- slapi_sdn_init(sdn);
- slapi_sdn_set_dn_byref(sdn,dn);
- /* slapi_sdn_set_ndn_byref nulls out dn set in above statement */
- sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_NDN);
- sdn->ndn= dn;
- if(dn == NULL) {
- sdn->ndn_len=0;
- } else {
- sdn->ndn_len=strlen(dn);
- }
- return sdn;
+slapi_sdn_init_normdn_byref(Slapi_DN *sdn, const char *dn)
+{
+ slapi_sdn_init(sdn);
+ if(dn == NULL) {
+ sdn->ndn_len = 0;
+ } else {
+ sdn->ndn_len = strlen(dn);
+ sdn->dn = dn;
+ }
+ return sdn;
+}
+
+/* use when dn is already normalized (but case is yet touched) */
+Slapi_DN *
+slapi_sdn_init_normdn_passin(Slapi_DN *sdn, const char *dn)
+{
+ slapi_sdn_init(sdn);
+ if(dn == NULL) {
+ sdn->ndn_len = 0;
+ } else {
+ sdn->ndn_len = strlen(dn);
+ sdn->dn = dn;
+ sdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ }
+ return sdn;
}
Slapi_DN *
@@ -1789,7 +1852,7 @@ slapi_sdn_init_ndn_byref(Slapi_DN *sdn,const char *dn)
{
slapi_sdn_init(sdn);
slapi_sdn_set_ndn_byref(sdn,dn);
- return sdn;
+ return sdn;
}
Slapi_DN *
@@ -1797,7 +1860,7 @@ slapi_sdn_init_ndn_byval(Slapi_DN *sdn,const char *dn)
{
slapi_sdn_init(sdn);
slapi_sdn_set_ndn_byval(sdn,dn);
- return sdn;
+ return sdn;
}
Slapi_DN *
@@ -1845,16 +1908,46 @@ slapi_sdn_new_ndn_byref(const char *ndn)
return sdn;
}
+/* use when dn is already normalized */
+Slapi_DN *
+slapi_sdn_new_normdn_byref(const char *normdn)
+{
+ Slapi_DN *sdn = slapi_sdn_new();
+ slapi_sdn_set_normdn_byref(sdn, normdn);
+ SDN_DUMP( sdn, "slapi_sdn_new_normdn_byref");
+ return sdn;
+}
+
+/* use when dn is already normalized */
+Slapi_DN *
+slapi_sdn_new_normdn_passin(const char *normdn)
+{
+ Slapi_DN *sdn = slapi_sdn_new();
+ slapi_sdn_set_normdn_passin(sdn, normdn);
+ SDN_DUMP( sdn, "slapi_sdn_new_normdn_passin");
+ return sdn;
+}
+
+/* use when dn is already normalized */
+Slapi_DN *
+slapi_sdn_new_normdn_byval(const char *normdn)
+{
+ Slapi_DN *sdn = slapi_sdn_new();
+ slapi_sdn_set_normdn_byval(sdn, normdn);
+ SDN_DUMP( sdn, "slapi_sdn_new_normdn_byval");
+ return sdn;
+}
+
Slapi_DN *
slapi_sdn_set_dn_byval(Slapi_DN *sdn, const char *dn)
{
slapi_sdn_done(sdn);
- sdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_DN);
+ sdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_UDN);
if(dn!=NULL)
{
- sdn->dn= slapi_ch_strdup(dn);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ sdn->udn= slapi_ch_strdup(dn);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_exist);
}
return sdn;
}
@@ -1863,8 +1956,8 @@ Slapi_DN *
slapi_sdn_set_dn_byref(Slapi_DN *sdn, const char *dn)
{
slapi_sdn_done(sdn);
- sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_DN);
- sdn->dn= dn;
+ sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_UDN);
+ sdn->udn= dn;
return sdn;
}
@@ -1872,17 +1965,64 @@ Slapi_DN *
slapi_sdn_set_dn_passin(Slapi_DN *sdn, const char *dn)
{
slapi_sdn_done(sdn);
- sdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_DN);
- sdn->dn= dn;
+ sdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_UDN);
+ sdn->udn= dn;
if(dn!=NULL)
{
- PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_exist);
}
return sdn;
}
Slapi_DN *
+slapi_sdn_set_normdn_byref(Slapi_DN *sdn, const char *normdn)
+{
+ slapi_sdn_done(sdn);
+ sdn->flag = slapi_unsetbit_uchar(sdn->flag, FLAG_DN);
+ sdn->dn = normdn;
+ if(normdn == NULL) {
+ sdn->ndn_len = 0;
+ } else {
+ sdn->ndn_len = strlen(normdn);
+ }
+ return sdn;
+}
+
+Slapi_DN *
+slapi_sdn_set_normdn_passin(Slapi_DN *sdn, const char *normdn)
+{
+ slapi_sdn_done(sdn);
+ sdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ sdn->dn = normdn;
+ if(normdn == NULL) {
+ sdn->ndn_len = 0;
+ } else {
+ sdn->ndn_len = strlen(normdn);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ }
+ return sdn;
+}
+
+Slapi_DN *
+slapi_sdn_set_normdn_byval(Slapi_DN *sdn, const char *normdn)
+{
+ slapi_sdn_done(sdn);
+ sdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ if(normdn == NULL) {
+ sdn->dn = slapi_ch_strdup(normdn);
+ sdn->ndn_len = 0;
+ } else {
+ sdn->dn = slapi_ch_strdup(normdn);
+ sdn->ndn_len = strlen(normdn);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ }
+ return sdn;
+}
+
+Slapi_DN *
slapi_sdn_set_ndn_byval(Slapi_DN *sdn, const char *ndn)
{
slapi_sdn_done(sdn);
@@ -1925,7 +2065,7 @@ slapi_sdn_set_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn)
else
{
/* NewDN= NewRDN + OldParent */
- char *parentdn= slapi_dn_parent(sdn->dn);
+ char *parentdn = slapi_dn_parent(slapi_sdn_get_dn(sdn));
char *newdn = slapi_ch_smprintf("%s,%s", rawrdn, parentdn);
slapi_ch_free((void**)&parentdn);
slapi_sdn_set_dn_passin(sdn,newdn);
@@ -1939,7 +2079,7 @@ slapi_sdn_set_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn)
Slapi_DN *
slapi_sdn_add_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn)
{
- const char *rawrdn= slapi_rdn_get_rdn(rdn);
+ const char *rawrdn = slapi_rdn_get_rdn(rdn);
if(slapi_sdn_isempty(sdn))
{
slapi_sdn_set_dn_byval(sdn,rawrdn);
@@ -1972,7 +2112,7 @@ slapi_sdn_set_parent(Slapi_DN *sdn, const Slapi_DN *parentdn)
/* NewDN= OldRDN + NewParent */
Slapi_RDN rdn;
const char *rawrdn;
- slapi_rdn_init_dn(&rdn,sdn->dn);
+ slapi_rdn_init_dn(&rdn, slapi_sdn_get_dn(sdn));
rawrdn= slapi_rdn_get_rdn(&rdn);
if(slapi_sdn_isempty(parentdn))
{
@@ -1980,12 +2120,9 @@ slapi_sdn_set_parent(Slapi_DN *sdn, const Slapi_DN *parentdn)
}
else
{
- char *newdn;
- newdn= slapi_ch_malloc(strlen(rawrdn)+1+strlen(parentdn->dn)+1);
- strcpy( newdn, rawrdn );
- strcat( newdn, "," );
- strcat( newdn, parentdn->dn );
- slapi_sdn_set_dn_passin(sdn,newdn);
+ char *newdn =
+ slapi_ch_smprintf("%s,%s", rawrdn, slapi_sdn_get_dn(parentdn));
+ slapi_sdn_set_dn_passin(sdn, newdn);
}
slapi_rdn_done(&rdn);
}
@@ -2005,7 +2142,6 @@ slapi_sdn_done(Slapi_DN *sdn)
if(slapi_isbitset_uchar(sdn->flag,FLAG_DN))
{
slapi_ch_free((void**)&(sdn->dn));
- sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_DN);
PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_deleted);
PR_DECREMENT_COUNTER(slapi_sdn_counter_dn_exist);
}
@@ -2014,22 +2150,36 @@ slapi_sdn_done(Slapi_DN *sdn)
sdn->dn= NULL;
}
}
+ sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_DN);
if(sdn->ndn!=NULL)
{
if(slapi_isbitset_uchar(sdn->flag,FLAG_NDN))
{
slapi_ch_free((void**)&(sdn->ndn));
- sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_NDN);
- sdn->ndn_len=0;
PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_deleted);
PR_DECREMENT_COUNTER(slapi_sdn_counter_ndn_exist);
}
else
{
sdn->ndn= NULL;
- sdn->ndn_len=0;
}
}
+ sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_NDN);
+ sdn->ndn_len=0;
+ if(sdn->udn!=NULL)
+ {
+ if(slapi_isbitset_uchar(sdn->flag,FLAG_UDN))
+ {
+ slapi_ch_free((void**)&(sdn->udn));
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_udn_deleted);
+ PR_DECREMENT_COUNTER(slapi_sdn_counter_udn_exist);
+ }
+ else
+ {
+ sdn->udn= NULL;
+ }
+ }
+ sdn->flag= slapi_unsetbit_uchar(sdn->flag,FLAG_UDN);
}
void
@@ -2037,9 +2187,11 @@ slapi_sdn_free(Slapi_DN **sdn)
{
if(sdn!=NULL && *sdn!=NULL)
{
+ int is_allocated = 0;
SDN_DUMP( *sdn, "slapi_sdn_free");
+ is_allocated = slapi_isbitset_uchar((*sdn)->flag, FLAG_ALLOCATED);
slapi_sdn_done(*sdn);
- if(slapi_isbitset_uchar((*sdn)->flag,FLAG_ALLOCATED))
+ if(is_allocated)
{
slapi_ch_free((void**)sdn);
PR_INCREMENT_COUNTER(slapi_sdn_counter_deleted);
@@ -2051,43 +2203,75 @@ slapi_sdn_free(Slapi_DN **sdn)
const char *
slapi_sdn_get_dn(const Slapi_DN *sdn)
{
- return (sdn->dn!=NULL ? sdn->dn : sdn->ndn);
+ if (NULL == sdn) {
+ return NULL;
+ }
+ if (sdn->dn) {
+ return sdn->dn;
+ } else if (sdn->ndn) {
+ return sdn->ndn;
+ } else if (sdn->udn) {
+ char *udn = slapi_ch_strdup(sdn->udn);
+ char *normed = NULL;
+ size_t dnlen = 0;
+ Slapi_DN *ncsdn = (Slapi_DN*)sdn; /* non-const Slapi_DN */
+ int rc = slapi_dn_normalize_ext(udn, 0, &normed, &dnlen);
+ if (rc == 0) { /* udn is passed in */
+ *(normed + dnlen) = '\0';
+ ncsdn->dn = normed;
+ ncsdn->ndn_len = dnlen;
+ ncsdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ } else if (rc > 0) { /* rc > 0 */
+ slapi_ch_free_string(&udn);
+ ncsdn->dn = normed;
+ ncsdn->ndn_len = dnlen;
+ ncsdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_DN);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_dn_exist);
+ }
+ /* else (rc < 0); normzlization failed. return NULL */
+ return sdn->dn;
+ } else {
+ return NULL;
+ }
}
const char *
slapi_sdn_get_ndn(const Slapi_DN *sdn)
{
- if(sdn->ndn==NULL)
- {
- if(sdn->dn!=NULL)
- {
- char *p= slapi_ch_strdup(sdn->dn);
- char *normed = NULL;
- size_t dnlen = 0;
- int rc = 0;
-
- Slapi_DN *ncsdn= (Slapi_DN*)sdn; /* non-const Slapi_DN */
- rc = slapi_dn_normalize_case_ext(p, 0, &normed, &dnlen);
- if (rc < 0) {
- /* we give up, just set dn to ndn */
- slapi_dn_ignore_case(p); /* ignore case */
- ncsdn->ndn = p;
- ncsdn->ndn_len = strlen(p);
- } else if (rc == 0) { /* p is passed in */
- *(normed + dnlen) = '\0';
- ncsdn->ndn = normed;
- ncsdn->ndn_len = dnlen;
- } else { /* rc > 0 */
- slapi_ch_free_string(&p);
- ncsdn->ndn = normed;
- ncsdn->ndn_len = dnlen;
- }
- ncsdn->flag= slapi_setbit_uchar(sdn->flag,FLAG_NDN);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_created);
- PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_exist);
- }
+ if (NULL == sdn) {
+ return NULL;
+ }
+ if (sdn->ndn) {
+ return sdn->ndn;
+ } else if (sdn->dn || sdn->udn) {
+ Slapi_DN *ncsdn = (Slapi_DN*)sdn; /* non-const Slapi_DN */
+ char *ndn = slapi_ch_strdup(slapi_sdn_get_dn(sdn));
+ slapi_dn_ignore_case(ndn); /* ignore case */
+ ncsdn->ndn = ndn;
+ ncsdn->flag = slapi_setbit_uchar(sdn->flag, FLAG_NDN);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_created);
+ PR_INCREMENT_COUNTER(slapi_sdn_counter_ndn_exist);
+ return ndn;
+ } else {
+ return NULL;
+ }
+}
+
+const char *
+slapi_sdn_get_udn(const Slapi_DN *sdn)
+{
+ if (sdn->udn) {
+ return sdn->udn;
+ } else if (sdn->dn) {
+ return sdn->dn;
+ } else if (sdn->ndn) {
+ return sdn->ndn;
+ } else {
+ return NULL;
}
- return sdn->ndn;
}
void
@@ -2123,52 +2307,45 @@ Slapi_DN *
slapi_sdn_dup(const Slapi_DN *sdn)
{
Slapi_DN *tmp;
- SDN_DUMP( sdn, "slapi_sdn_dup");
- tmp=slapi_sdn_new_dn_byval(slapi_sdn_get_dn(sdn));
- /* can't use slapi_set_ndn_byval -- it nulls the dn */
- tmp->flag= slapi_setbit_uchar(tmp->flag,FLAG_NDN);
- if(sdn->ndn!=NULL)
- {
- tmp->ndn= slapi_ch_strdup(sdn->ndn);
- tmp->ndn_len=sdn->ndn_len;
- } else tmp->ndn=NULL;
+ SDN_DUMP( sdn, "slapi_sdn_dup");
+ tmp = slapi_sdn_new_normdn_byval(slapi_sdn_get_dn(sdn));
return tmp;
}
void
slapi_sdn_copy(const Slapi_DN *from, Slapi_DN *to)
{
- SDN_DUMP( from, "slapi_sdn_copy from");
- SDN_DUMP( to, "slapi_sdn_copy to");
+ SDN_DUMP( from, "slapi_sdn_copy from");
+ SDN_DUMP( to, "slapi_sdn_copy to");
slapi_sdn_done(to);
- slapi_sdn_set_dn_byval(to,slapi_sdn_get_dn(from));
+ slapi_sdn_set_normdn_byval(to, slapi_sdn_get_dn(from));
}
int
slapi_sdn_compare( const Slapi_DN *sdn1, const Slapi_DN *sdn2 )
{
- int rc;
- const char *ndn1= slapi_sdn_get_ndn(sdn1);
- const char *ndn2= slapi_sdn_get_ndn(sdn2);
+ int rc;
+ const char *ndn1= slapi_sdn_get_ndn(sdn1);
+ const char *ndn2= slapi_sdn_get_ndn(sdn2);
if(ndn1==ndn2)
{
rc= 0;
}
else
{
- if(ndn1==NULL)
+ if(ndn1==NULL)
{
rc= -1;
}
else
{
- if(ndn2==NULL)
- {
- rc= 1;
- }
- else
- {
- rc= strcmp(ndn1,ndn2);
+ if(ndn2==NULL)
+ {
+ rc= 1;
+ }
+ else
+ {
+ rc= strcmp(ndn1,ndn2);
}
}
}
@@ -2176,22 +2353,25 @@ slapi_sdn_compare( const Slapi_DN *sdn1, const Slapi_DN *sdn2 )
}
int
-slapi_sdn_isempty( const Slapi_DN *sdn)
+slapi_sdn_isempty(const Slapi_DN *sdn)
{
- const char *dn= slapi_sdn_get_dn(sdn);
+ const char *dn = NULL;
+ if (sdn) {
+ dn = slapi_sdn_get_dn(sdn);
+ }
return (dn==NULL || dn[0]=='\0');
}
int
slapi_sdn_issuffix(const Slapi_DN *sdn, const Slapi_DN *suffixsdn)
{
- int rc;
- const char *dn= slapi_sdn_get_ndn(sdn);
+ int rc;
+ const char *dn= slapi_sdn_get_ndn(sdn);
const char *suffixdn= slapi_sdn_get_ndn(suffixsdn);
if(dn!=NULL && suffixdn!=NULL)
{
- int dnlen = slapi_sdn_get_ndn_len(sdn);
- int suffixlen= slapi_sdn_get_ndn_len(suffixsdn);
+ int dnlen = slapi_sdn_get_ndn_len(sdn);
+ int suffixlen= slapi_sdn_get_ndn_len(suffixsdn);
if (dnlen<suffixlen)
{
rc= 0;
@@ -2203,9 +2383,8 @@ slapi_sdn_issuffix(const Slapi_DN *sdn, const Slapi_DN *suffixsdn)
return ( 1 );
}
- rc= ( (strcasecmp(suffixdn, dn+dnlen-suffixlen)==0)
- && ( (dnlen == suffixlen)
- || DNSEPARATOR(dn[dnlen-suffixlen-1])) );
+ rc = (((dnlen == suffixlen) || DNSEPARATOR(dn[dnlen-suffixlen-1]))
+ && (strcasecmp(suffixdn, dn+dnlen-suffixlen)==0));
}
}
else
@@ -2219,11 +2398,11 @@ slapi_sdn_issuffix(const Slapi_DN *sdn, const Slapi_DN *suffixsdn)
int
slapi_sdn_get_ndn_len(const Slapi_DN *sdn)
{
- int r= 0;
- (void)slapi_sdn_get_ndn(sdn); /* does the normalization if needed */
- if(sdn->ndn!=NULL)
+ int r = 0;
+ (void)slapi_sdn_get_dn(sdn); /* does the normalization if needed */
+ if(sdn->dn || sdn->ndn)
{
- r= sdn->ndn_len;
+ r = sdn->ndn_len;
}
return r;
}
@@ -2296,7 +2475,7 @@ slapi_sdn_scope_test( const Slapi_DN *dn, const Slapi_DN *base, int scope )
* build the new dn of an entry for moddn operations
*/
char *
-slapi_moddn_get_newdn(Slapi_DN *dn_olddn, char *newrdn, char *newsuperiordn)
+slapi_moddn_get_newdn(Slapi_DN *dn_olddn, const char *newrdn, const char *newsuperiordn)
{
char *newdn;
diff --git a/ldap/servers/slapd/dse.c b/ldap/servers/slapd/dse.c
index e3bfb18..727e999 100644
--- a/ldap/servers/slapd/dse.c
+++ b/ldap/servers/slapd/dse.c
@@ -1426,18 +1426,17 @@ dse_delete_entry(struct dse* pdse, Slapi_PBlock *pb, const Slapi_Entry *e)
int
dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from this function! */
{
- char *dn; /* The bind DN */
int method; /* The bind method */
struct berval *cred; /* The bind credentials */
Slapi_Value **bvals;
struct dse* pdse;
Slapi_Attr *attr;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_Entry *ec= NULL;
/*Get the parameters*/
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_BIND_TARGET, &dn ) < 0 ||
+ slapi_pblock_get( pb, SLAPI_BIND_TARGET_SDN, &sdn ) < 0 ||
slapi_pblock_get( pb, SLAPI_BIND_METHOD, &method ) < 0 ||
slapi_pblock_get( pb, SLAPI_BIND_CREDENTIALS, &cred ) < 0){
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
@@ -1456,13 +1455,10 @@ dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from thi
return( SLAPI_BIND_FAIL );
}
- /* Find the entry that the person is attempting to bind as */
- slapi_sdn_init_dn_byref(&sdn,dn);
- ec = dse_get_entry_copy(pdse,&sdn,DSE_USE_LOCK);
+ ec = dse_get_entry_copy(pdse, sdn, DSE_USE_LOCK);
if ( ec == NULL )
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return( SLAPI_BIND_FAIL );
}
@@ -1475,7 +1471,6 @@ dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from thi
{
slapi_send_ldap_result( pb, LDAP_INAPPROPRIATE_AUTH, NULL, NULL, 0, NULL );
slapi_entry_free(ec);
- slapi_sdn_done(&sdn);
return SLAPI_BIND_FAIL;
}
bvals= attr_get_present_values( attr );
@@ -1485,7 +1480,6 @@ dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from thi
{
slapi_send_ldap_result( pb, LDAP_INVALID_CREDENTIALS, NULL, NULL, 0, NULL );
slapi_entry_free(ec);
- slapi_sdn_done(&sdn);
value_done(&cv);
return SLAPI_BIND_FAIL;
}
@@ -1496,11 +1490,9 @@ dse_bind( Slapi_PBlock *pb ) /* JCM There should only be one exit point from thi
default:
slapi_send_ldap_result( pb, LDAP_STRONG_AUTH_NOT_SUPPORTED, NULL, "auth method not supported", 0, NULL );
slapi_entry_free(ec);
- slapi_sdn_done(&sdn);
return SLAPI_BIND_FAIL;
}
slapi_entry_free(ec);
- slapi_sdn_done(&sdn);
/* success: front end will send result */
return SLAPI_BIND_SUCCESS;
}
@@ -1647,7 +1639,6 @@ do_dse_search(struct dse* pdse, Slapi_PBlock *pb, int scope, const Slapi_DN *bas
int
dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from this function! */
{
- char *base; /*Base of the search*/
int scope; /*Scope of the search*/
Slapi_Filter *filter; /*The filter*/
char **attrs; /*Attributes*/
@@ -1657,7 +1648,7 @@ dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
int returncode= LDAP_SUCCESS;
int isrootdse= 0;
char returntext[SLAPI_DSE_RETURNTEXT_SIZE]= "";
- Slapi_DN basesdn;
+ Slapi_DN *basesdn = NULL;
int estimate = 0; /* estimated search result set size */
/*
@@ -1666,7 +1657,7 @@ dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
* more or less directly from the client.
*/
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base ) < 0 ||
+ slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &basesdn ) < 0 ||
slapi_pblock_get( pb, SLAPI_SEARCH_SCOPE, &scope ) < 0 ||
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter ) < 0 ||
slapi_pblock_get( pb, SLAPI_SEARCH_ATTRS, &attrs ) < 0 ||
@@ -1675,27 +1666,23 @@ dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
return(-1);
}
-
- slapi_sdn_init_dn_byref(&basesdn,base);
-
/*
* Sadly the root dse is still a special case. We must not allow
* acl checks on it, or allow onelevel or subtree searches on it.
*/
- isrootdse= slapi_sdn_isempty(&basesdn);
+ isrootdse= slapi_sdn_isempty(basesdn);
switch(scope)
{
case LDAP_SCOPE_BASE:
{
Slapi_Entry *baseentry= NULL;
- baseentry = dse_get_entry_copy(pdse,&basesdn,DSE_USE_LOCK);
+ baseentry = dse_get_entry_copy(pdse, basesdn, DSE_USE_LOCK);
if ( baseentry == NULL )
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
slapi_log_error(SLAPI_LOG_PLUGIN,"dse_search", "node %s was not found\n",
- slapi_sdn_get_dn(&basesdn));
- slapi_sdn_done(&basesdn);
+ slapi_sdn_get_dn(basesdn));
return -1;
}
/*
@@ -1726,14 +1713,13 @@ dse_search(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
case LDAP_SCOPE_SUBTREE:
if(!isrootdse)
{
- estimate = do_dse_search(pdse, pb, scope, &basesdn, filter, attrs, attrsonly);
+ estimate = do_dse_search(pdse, pb, scope, basesdn, filter, attrs, attrsonly);
}
break;
}
slapi_pblock_set (pb, SLAPI_SEARCH_RESULT_SET_SIZE_ESTIMATE, &estimate);
/* Search is done, send LDAP_SUCCESS */
- slapi_sdn_done(&basesdn);
return 0;
}
@@ -1756,19 +1742,19 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
int err; /*House keeping stuff*/
LDAPMod **mods; /*Used to apply the modifications*/
- char *dn; /*Storage for the dn*/
char *errbuf = NULL; /* To get error back */
struct dse* pdse;
Slapi_Entry *ec= NULL;
Slapi_Entry *ecc= NULL;
int returncode= LDAP_SUCCESS;
char returntext[SLAPI_DSE_RETURNTEXT_SIZE]= "";
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
int dont_write_file = 0; /* default */
PR_ASSERT(pb);
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_MODIFY_TARGET, &dn ) < 0 ||
+ /* slapi_pblock_get( pb, SLAPI_MODIFY_TARGET, &dn ) < 0 || */
+ slapi_pblock_get( pb, SLAPI_MODIFY_TARGET_SDN, &sdn ) < 0 ||
slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ) < 0 || (NULL == pdse))
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
@@ -1780,14 +1766,11 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
return( -1 );
}
- slapi_sdn_init_dn_byref(&sdn,dn);
-
/* Find the entry we are about to modify. */
- ec = dse_get_entry_copy(pdse,&sdn,DSE_USE_LOCK);
+ ec = dse_get_entry_copy(pdse, sdn, DSE_USE_LOCK);
if ( ec == NULL )
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1797,7 +1780,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
slapi_send_ldap_result( pb, err, NULL, errbuf, 0, NULL );
if (errbuf) slapi_ch_free ((void**)&errbuf);
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1817,7 +1799,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
/* Error occured in the callback -- return error code from callback */
slapi_send_ldap_result( pb, returncode, NULL, returntext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1825,7 +1806,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
/* Callback says don't apply the changes -- return Success */
slapi_send_ldap_result( pb, LDAP_SUCCESS, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( 0, ec, ecc );
}
@@ -1861,7 +1841,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
/* entry_apply_mods() failed above, so return an error now */
slapi_send_ldap_result( pb, err, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
break;
@@ -1875,7 +1854,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &errtext);
slapi_send_ldap_result( pb, LDAP_OBJECT_CLASS_VIOLATION, NULL, errtext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1886,7 +1864,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &errtext);
slapi_send_ldap_result( pb, LDAP_INVALID_SYNTAX, NULL, errtext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
@@ -1895,7 +1872,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
if (dse_replace_entry( pdse, ecc, !dont_write_file, DSE_USE_LOCK )!=0 )
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return( -1, ec, ecc );
}
slapi_pblock_set( pb, SLAPI_ENTRY_POST_OP, slapi_entry_dup(ecc) ); /* JCM - When does this get free'd? */
@@ -1904,7 +1880,6 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_send_ldap_result( pb, returncode, NULL, returntext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_modify_return(0, ec, ecc);
}
@@ -1922,7 +1897,6 @@ dse_add_return( int rv, Slapi_Entry *e)
int
dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this function! */
{
- char *dn = NULL;
Slapi_Entry *e; /*The new entry to add*/
Slapi_Entry *e_copy = NULL; /* copy of added entry */
char *errbuf = NULL;
@@ -1932,14 +1906,14 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
struct dse* pdse;
int returncode= LDAP_SUCCESS;
char returntext[SLAPI_DSE_RETURNTEXT_SIZE]= "";
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Slapi_DN parent;
/*
* Get the database, the dn and the entry to add
*/
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn ) < 0 ||
+ slapi_pblock_get( pb, SLAPI_ADD_TARGET_SDN, &sdn ) < 0 ||
slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &e ) < 0 || (NULL == pdse))
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
@@ -1951,8 +1925,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
return( error );
}
- slapi_sdn_init_dn_byref(&sdn,dn);
-
/*
* Check to make sure the entry passes the schema check
*/
@@ -1963,7 +1935,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
"dse_add: entry failed schema check\n", 0, 0, 0 );
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &errtext);
slapi_send_ldap_result( pb, LDAP_OBJECT_CLASS_VIOLATION, NULL, errtext, 0, NULL );
- slapi_sdn_done(&sdn);
return error;
}
@@ -1975,7 +1946,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
"dse_add: entry failed syntax check\n", 0, 0, 0 );
slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &errtext);
slapi_send_ldap_result( pb, LDAP_INVALID_SYNTAX, NULL, errtext, 0, NULL );
- slapi_sdn_done(&sdn);
return error;
}
@@ -1983,7 +1953,7 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
* Attempt to find this dn.
*/
{
- Slapi_Entry *existingentry= dse_get_entry_copy( pdse, &sdn, DSE_USE_LOCK );
+ Slapi_Entry *existingentry= dse_get_entry_copy( pdse, sdn, DSE_USE_LOCK );
if(existingentry!=NULL)
{
/*
@@ -1991,7 +1961,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
* whose dn matches dn, so tell the user and return
*/
slapi_send_ldap_result( pb, LDAP_ALREADY_EXISTS, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
slapi_entry_free(existingentry);
return dse_add_return(error, NULL);
}
@@ -2003,7 +1972,7 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
* add the entry.
*/
slapi_sdn_init(&parent);
- slapi_sdn_get_parent(&sdn,&parent);
+ slapi_sdn_get_parent(sdn, &parent);
if ( !slapi_sdn_isempty(&parent) )
{
Slapi_Entry *parententry= NULL;
@@ -2012,7 +1981,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
LDAPDebug( SLAPI_DSE_TRACELEVEL, "dse_add: parent does not exist\n", 0, 0, 0 );
- slapi_sdn_done(&sdn);
slapi_sdn_done(&parent);
return dse_add_return(error, NULL);
}
@@ -2023,7 +1991,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
LDAPDebug( SLAPI_DSE_TRACELEVEL, "dse_add: no access to parent\n", 0, 0, 0 );
slapi_send_ldap_result( pb, rc, NULL, NULL, 0, NULL );
slapi_ch_free((void**)&errbuf);
- slapi_sdn_done(&sdn);
slapi_sdn_done(&parent);
return dse_add_return(rc, NULL);
}
@@ -2037,7 +2004,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
{
LDAPDebug( SLAPI_DSE_TRACELEVEL, "dse_add: no parent and not root\n", 0, 0, 0 );
slapi_send_ldap_result( pb, LDAP_INSUFFICIENT_ACCESS, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
slapi_sdn_done(&parent);
return dse_add_return(error, NULL);
}
@@ -2060,7 +2026,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
NULL, &returncode, returntext)!=SLAPI_DSE_CALLBACK_OK)
{
slapi_send_ldap_result( pb, returncode, NULL, returntext, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_add_return(error, NULL);
}
@@ -2069,7 +2034,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
if ( dse_add_entry_pb(pdse, e_copy, pb) != 0)
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_add_return(error, NULL);
}
/* The postop must be called after the write lock is released. */
@@ -2083,9 +2047,6 @@ dse_add(Slapi_PBlock *pb) /* JCM There should only be one exit point from this f
/* entry has been freed, so make sure no one tries to use it later */
slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL);
- /* Free the dn, and return */
- slapi_sdn_done(&sdn);
-
return dse_add_return(rc, e);
}
@@ -2104,40 +2065,37 @@ dse_delete_return( int rv, Slapi_Entry *ec)
int
dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from this function! */
{
- char *dn = NULL;
int rc= -1;
- int dont_write_file = 0; /* default */
+ int dont_write_file = 0; /* default */
struct dse* pdse = NULL;
int returncode= LDAP_SUCCESS;
char returntext[SLAPI_DSE_RETURNTEXT_SIZE]= "";
char *entry_str = "entry";
char *errbuf = NULL;
- char *attrs[2] = { NULL, NULL };
- Slapi_DN sdn;
- Slapi_Entry *ec = NULL; /* copy of entry to delete */
+ char *attrs[2] = { NULL, NULL };
+ Slapi_DN *sdn = NULL;
+ Slapi_Entry *ec = NULL; /* copy of entry to delete */
/*
* Get the database and the dn
*/
if (slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &pdse ) < 0 ||
- slapi_pblock_get( pb, SLAPI_DELETE_TARGET, &dn ) < 0 || (pdse == NULL))
+ slapi_pblock_get( pb, SLAPI_DELETE_TARGET_SDN, &sdn ) < 0 ||
+ (pdse == NULL))
{
slapi_send_ldap_result( pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL );
return rc;
}
- slapi_pblock_get(pb, SLAPI_DSE_DONT_WRITE_WHEN_ADDING, &dont_write_file);
- if ( !dont_write_file && dse_check_for_readonly_error(pb,pdse)) {
+ slapi_pblock_get(pb, SLAPI_DSE_DONT_WRITE_WHEN_ADDING, &dont_write_file);
+ if ( !dont_write_file && dse_check_for_readonly_error(pb,pdse)) {
return( rc );
}
- slapi_sdn_init_dn_byref(&sdn,dn);
-
- ec= dse_get_entry_copy( pdse, &sdn, DSE_USE_LOCK );
+ ec= dse_get_entry_copy( pdse, sdn, DSE_USE_LOCK );
if (ec == NULL)
{
slapi_send_ldap_result( pb, LDAP_NO_SUCH_OBJECT, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_delete_return( rc, ec );
}
@@ -2147,7 +2105,6 @@ dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
if(dse_numsubordinates(ec)>0)
{
slapi_send_ldap_result( pb, LDAP_NOT_ALLOWED_ON_NONLEAF, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_delete_return( rc, ec );
}
@@ -2161,7 +2118,6 @@ dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
{
slapi_send_ldap_result( pb, returncode, NULL, NULL, 0, NULL );
slapi_ch_free ( (void**)&errbuf );
- slapi_sdn_done(&sdn);
return dse_delete_return( rc, ec );
}
@@ -2175,7 +2131,6 @@ dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
else
{
slapi_send_ldap_result( pb, returncode, NULL, NULL, 0, NULL );
- slapi_sdn_done(&sdn);
return dse_delete_return( rc, ec );
}
@@ -2183,7 +2138,6 @@ dse_delete(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
slapi_send_ldap_result( pb, returncode, NULL, returntext, 0, NULL );
slapi_pblock_set( pb, SLAPI_ENTRY_PRE_OP, slapi_entry_dup( ec ));
- slapi_sdn_done(&sdn);
return dse_delete_return(0, ec);
}
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index 9e0f0fb..3b2c410 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -269,18 +269,22 @@ str2entry_fast( const char *rawdn, char *s, int flags, int read_stateinfo )
normdn =
slapi_dn_normalize_original(slapi_ch_strdup(rawdn));
} else {
- normdn = slapi_create_dn_string("%s", rawdn);
- if (NULL == normdn) {
- LDAPDebug1Arg(LDAP_DEBUG_TRACE,
- "str2entry_fast: Invalid DN: %s\n", rawdn);
- slapi_entry_free( e );
- if (freeval) slapi_ch_free_string(&value.bv_val);
- e = NULL;
- goto done;
+ if (flags & SLAPI_STR2ENTRY_DN_NORMALIZED) {
+ normdn = slapi_ch_strdup(rawdn);
+ } else {
+ normdn = slapi_create_dn_string("%s", rawdn);
+ if (NULL == normdn) {
+ LDAPDebug1Arg(LDAP_DEBUG_TRACE,
+ "str2entry_fast: Invalid DN: %s\n", rawdn);
+ slapi_entry_free( e );
+ if (freeval) slapi_ch_free_string(&value.bv_val);
+ e = NULL;
+ goto done;
+ }
}
}
/* normdn is consumed in e */
- slapi_entry_set_dn(e, normdn);
+ slapi_entry_set_normdn(e, normdn);
}
if ( NULL == slapi_entry_get_rdn_const( e )) {
if (normdn) {
@@ -291,14 +295,19 @@ str2entry_fast( const char *rawdn, char *s, int flags, int read_stateinfo )
normdn =
slapi_dn_normalize_original(slapi_ch_strdup(rawdn));
} else {
- normdn = slapi_create_dn_string("%s", rawdn);
- if (NULL == normdn) {
- LDAPDebug1Arg(LDAP_DEBUG_TRACE,
- "str2entry_fast: Invalid DN: %s\n", rawdn);
- slapi_entry_free( e );
- if (freeval) slapi_ch_free_string(&value.bv_val);
- e = NULL;
- goto done;
+ if (flags & SLAPI_STR2ENTRY_DN_NORMALIZED) {
+ normdn = slapi_ch_strdup(rawdn);
+ } else {
+ normdn = slapi_create_dn_string("%s", rawdn);
+ if (NULL == normdn) {
+ LDAPDebug1Arg(LDAP_DEBUG_TRACE,
+ "str2entry_fast: Invalid DN: %s\n", rawdn);
+ slapi_entry_free( e );
+ if (freeval)
+ slapi_ch_free_string(&value.bv_val);
+ e = NULL;
+ goto done;
+ }
}
}
/* normdn is just referred in slapi_entry_set_rdn. */
@@ -338,7 +347,7 @@ str2entry_fast( const char *rawdn, char *s, int flags, int read_stateinfo )
goto done;
}
/* normdn is consumed in e */
- slapi_entry_set_dn(e, normdn);
+ slapi_entry_set_normdn(e, normdn);
/* the memory below was not allocated by the slapi_ch_ functions */
if (freeval) slapi_ch_free_string(&value.bv_val);
@@ -802,34 +811,42 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int read_stateinfo )
if ( rawdn ) {
if ( NULL == slapi_entry_get_dn_const(e) ) {
- normdn = slapi_create_dn_string("%s", rawdn);
- if (NULL == normdn) {
- LDAPDebug1Arg(LDAP_DEBUG_TRACE,
- "str2entry_dupcheck: Invalid DN: %s\n", rawdn);
- slapi_entry_free( e );
- if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
- csn_free(&attributedeletioncsn);
- csn_free(&maxcsn);
- return NULL;
- }
- /* normdn is consumed in e */
- slapi_entry_set_dn(e, normdn);
- }
- if ( NULL == slapi_entry_get_rdn_const(e) ) {
- if (normdn) {
- /* normdn is just referred in slapi_entry_set_rdn. */
- slapi_entry_set_rdn(e, normdn);
+ if (flags & SLAPI_STR2ENTRY_DN_NORMALIZED) {
+ normdn = slapi_ch_strdup(rawdn);
} else {
normdn = slapi_create_dn_string("%s", rawdn);
if (NULL == normdn) {
LDAPDebug1Arg(LDAP_DEBUG_TRACE,
- "str2entry_dupcheck: Invalid DN: %s\n", rawdn);
+ "str2entry_dupcheck: Invalid DN: %s\n", rawdn);
slapi_entry_free( e );
if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
csn_free(&attributedeletioncsn);
csn_free(&maxcsn);
return NULL;
}
+ }
+ /* normdn is consumed in e */
+ slapi_entry_set_normdn(e, normdn);
+ }
+ if ( NULL == slapi_entry_get_rdn_const(e) ) {
+ if (normdn) {
+ /* normdn is just referred in slapi_entry_set_rdn. */
+ slapi_entry_set_rdn(e, normdn);
+ } else {
+ if (flags & SLAPI_STR2ENTRY_DN_NORMALIZED) {
+ normdn = slapi_ch_strdup(rawdn);
+ } else {
+ normdn = slapi_create_dn_string("%s", rawdn);
+ if (NULL == normdn) {
+ LDAPDebug1Arg(LDAP_DEBUG_TRACE,
+ "str2entry_dupcheck: Invalid DN: %s\n", rawdn);
+ slapi_entry_free( e );
+ if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
+ csn_free(&attributedeletioncsn);
+ csn_free(&maxcsn);
+ return NULL;
+ }
+ }
/* normdn is just referred in slapi_entry_set_rdn. */
slapi_entry_set_rdn(e, normdn);
slapi_ch_free_string(&normdn);
@@ -859,7 +876,7 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int read_stateinfo )
goto free_and_return;
}
/* normdn is consumed in e */
- slapi_entry_set_dn(e, normdn);
+ slapi_entry_set_normdn(e, normdn);
/* the memory below was not allocated by the slapi_ch_ functions */
if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
continue;
@@ -1374,19 +1391,19 @@ slapi_str2entry( char *s, int flags )
* NOTE: the first arg "dn" should have been normalized before passing.
*/
Slapi_Entry *
-slapi_str2entry_ext( const char *dn, char *s, int flags )
+slapi_str2entry_ext( const char *normdn, char *s, int flags )
{
Slapi_Entry *e;
int read_stateinfo= ~( flags & SLAPI_STR2ENTRY_IGNORE_STATE );
- if (NULL == dn)
+ if (NULL == normdn)
{
return slapi_str2entry( s, flags );
}
LDAPDebug( LDAP_DEBUG_ARGS,
"slapi_str2entry_ext: flags=0x%x, dn=\"%s\", entry=\"%.50s...\"\n",
- flags, dn, s );
+ flags, normdn, s );
/*
@@ -1397,11 +1414,13 @@ slapi_str2entry_ext( const char *dn, char *s, int flags )
if ( 0 != ( flags & SLAPI_STR2ENTRY_NOT_WELL_FORMED_LDIF ) ||
0 != ( flags & ~SLAPI_STRENTRY_FLAGS_HANDLED_BY_STR2ENTRY_FAST ))
{
- e= str2entry_dupcheck( dn, s, flags, read_stateinfo );
+ e = str2entry_dupcheck( normdn, s,
+ flags|SLAPI_STR2ENTRY_DN_NORMALIZED, read_stateinfo );
}
else
{
- e= str2entry_fast( dn, s, flags, read_stateinfo );
+ e = str2entry_fast( normdn, s,
+ flags|SLAPI_STR2ENTRY_DN_NORMALIZED, read_stateinfo );
}
if (!e)
return e; /* e == NULL */
@@ -1914,15 +1933,30 @@ void
slapi_entry_init(Slapi_Entry *e, char *dn, Slapi_Attr *a)
{
slapi_sdn_set_dn_passin(slapi_entry_get_sdn(e), dn);
- e->e_uniqueid= NULL;
+ e->e_uniqueid= NULL;
+ e->e_attrs= a;
+ e->e_dncsnset= NULL;
+ e->e_maxcsn= NULL;
+ e->e_deleted_attrs= NULL;
+ e->e_virtual_attrs= NULL;
+ e->e_virtual_watermark= 0;
+ e->e_virtual_lock= slapi_new_rwlock();
+ e->e_flags= 0;
+}
+
+void
+slapi_entry_init_ext(Slapi_Entry *e, Slapi_DN *sdn, Slapi_Attr *a)
+{
+ slapi_sdn_copy(sdn, slapi_entry_get_sdn(e));
+ e->e_uniqueid= NULL;
e->e_attrs= a;
e->e_dncsnset= NULL;
e->e_maxcsn= NULL;
- e->e_deleted_attrs= NULL;
- e->e_virtual_attrs= NULL;
- e->e_virtual_watermark= 0;
- e->e_virtual_lock= slapi_new_rwlock();
- e->e_flags= 0;
+ e->e_deleted_attrs= NULL;
+ e->e_virtual_attrs= NULL;
+ e->e_virtual_watermark= 0;
+ e->e_virtual_lock= slapi_new_rwlock();
+ e->e_flags= 0;
}
void
@@ -2155,6 +2189,12 @@ slapi_entry_set_dn( Slapi_Entry *e, char *dn )
slapi_sdn_set_dn_passin(slapi_entry_get_sdn(e),dn);
}
+void
+slapi_entry_set_normdn( Slapi_Entry *e, char *dn )
+{
+ slapi_sdn_set_normdn_passin(slapi_entry_get_sdn(e), dn);
+}
+
/*
* WARNING - The DN is copied.
* The DN could be dn or RDN.
@@ -3139,18 +3179,18 @@ slapi_entry_rename(Slapi_Entry *e, const char *newrdn, int deleteoldrdn, const c
/* Build new DN. If newsuperior is set, just use "newrdn,newsuperior". If
* newsuperior is not set, need to add newrdn to old superior. */
if (newsuperior) {
- newdn = slapi_ch_smprintf("%s,%s", newrdn, newsuperior);
+ newdn = slapi_create_dn_string("%s,%s", newrdn, newsuperior);
} else {
char *oldsuperior = NULL;
oldsuperior = slapi_dn_parent(olddn);
- newdn = slapi_ch_smprintf("%s,%s", newrdn, oldsuperior);
+ newdn = slapi_create_dn_string("%s,%s", newrdn, oldsuperior);
slapi_ch_free_string(&oldsuperior);
}
/* Set the new DN in the entry. This hands off the memory used by newdn to the entry. */
- slapi_entry_set_dn(e, newdn);
+ slapi_entry_set_normdn(e, newdn);
/* Set the RDN in the entry. */
slapi_entry_set_rdn(e, newdn);
diff --git a/ldap/servers/slapd/extendop.c b/ldap/servers/slapd/extendop.c
index 17b2f7b..8f25b27 100644
--- a/ldap/servers/slapd/extendop.c
+++ b/ldap/servers/slapd/extendop.c
@@ -54,8 +54,7 @@ static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid,
struct berval *extval)
{
char *orig = NULL;
- char *suffix = NULL;
- size_t dnlen = 0;
+ const char *suffix = NULL;
Slapi_DN *sdn = NULL;
Slapi_Backend *be = NULL;
struct berval bv;
@@ -84,28 +83,16 @@ static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid,
return;
}
}
- ret = slapi_dn_normalize_ext(orig, 0, &suffix, &dnlen);
- if (ret < 0) {
- LDAPDebug1Arg(LDAP_DEBUG_ANY,
- "extop_handle_import_start: invalid suffix\n", orig);
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
- "invalid suffix", 0, NULL);
- return;
- } else if (ret > 0) {
- slapi_ch_free_string(&orig);
- } else { /* ret == 0; orig is passed in; not null terminated */
- *(suffix + dnlen) = '\0';
- }
- sdn = slapi_sdn_new_dn_byval(suffix);
+ sdn = slapi_sdn_new_dn_passin(orig);
if (!sdn) {
LDAPDebug(LDAP_DEBUG_ANY,
"extop_handle_import_start: out of memory\n", 0, 0, 0);
send_ldap_result(pb, LDAP_OPERATIONS_ERROR, NULL, NULL, 0, NULL);
return;
}
+ suffix = slapi_sdn_get_dn(sdn);
/* be = slapi_be_select(sdn); */
be = slapi_mapping_tree_find_backend_for_sdn(sdn);
- slapi_sdn_free(&sdn);
if (be == NULL || be == defbackend_get_backend()) {
/* might be instance name instead of suffix */
be = slapi_be_select_by_instance_name(suffix);
@@ -191,7 +178,7 @@ static void extop_handle_import_start(Slapi_PBlock *pb, char *extoid,
"Bulk import: begin import on '%s'.\n", suffix, 0, 0);
out:
- slapi_ch_free((void **)&suffix);
+ slapi_sdn_free(&sdn);
return;
}
diff --git a/ldap/servers/slapd/fedse.c b/ldap/servers/slapd/fedse.c
index 8a61e72..ab94628 100644
--- a/ldap/servers/slapd/fedse.c
+++ b/ldap/servers/slapd/fedse.c
@@ -1562,7 +1562,7 @@ internal_add_helper(Slapi_Entry *e, int dont_write_file)
slapi_add_entry_internal_set_pb(&newpb, e, NULL,
plugin_get_default_component_id(),
plugin_actions);
- slapi_pblock_set(&newpb, SLAPI_TARGET_DN, (void*)slapi_entry_get_dn_const(e));
+ slapi_pblock_set(&newpb, SLAPI_TARGET_SDN, (void*)slapi_entry_get_sdn_const(e));
slapi_pblock_set(&newpb, SLAPI_DSE_DONT_WRITE_WHEN_ADDING,
(void *)&dont_write_file);
slapi_pblock_get(&newpb, SLAPI_OPERATION, &op);
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 928d648..b9beafb 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -1489,8 +1489,9 @@ int config_set_anon_limits_dn( const char *attrname, char *value, char *errorbuf
CFG_LOCK_WRITE(slapdFrontendConfig);
slapi_ch_free ( (void **) &(slapdFrontendConfig->anon_limits_dn) );
- slapdFrontendConfig->anon_limits_dn = slapi_ch_strdup ( value );
- CFG_UNLOCK_WRITE(slapdFrontendConfig);
+ slapdFrontendConfig->anon_limits_dn =
+ slapi_create_dn_string("%s", value);
+ CFG_UNLOCK_WRITE(slapdFrontendConfig);
}
return retVal;
}
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
index 059cf33..fa3b6aa 100644
--- a/ldap/servers/slapd/main.c
+++ b/ldap/servers/slapd/main.c
@@ -1644,14 +1644,38 @@ process_command_line(int argc, char **argv, char *myname,
break;
case 's': /* which suffix to include in import/export */
{
- char *s= slapi_dn_normalize ( slapi_ch_strdup(optarg_ext) );
- charray_add(&db2ldif_include,s);
+ char *s = NULL;
+ size_t len = 0;
+ int rc = slapi_dn_normalize_ext(optarg_ext, 0, &s, &len);
+ if (rc < 0) {
+ fprintf(stderr, "Invalid dn: -s %s\n", optarg_ext);
+ usage(myname, *extraname);
+ exit(1);
+ } else if (0 == rc) {
+ /* rc == 0; optarg_extawdn is passed in;
+ * not null terminated */
+ *(optarg_ext + len) = '\0';
+ s = slapi_ch_strdup(optarg_ext);
+ }
+ charray_add(&db2ldif_include, slapi_dn_ignore_case(s));
}
break;
case 'x': /* which suffix to exclude in import/export */
{
- char *s= slapi_dn_normalize ( slapi_ch_strdup(optarg_ext) );
- charray_add(&db2ldif_exclude,s);
+ char *s = NULL;
+ size_t len = 0;
+ int rc = slapi_dn_normalize_ext(optarg_ext, 0, &s, &len);
+ if (rc < 0) {
+ fprintf(stderr, "Invalid dn: -x %s\n", optarg_ext);
+ usage(myname, *extraname);
+ exit(1);
+ } else if (0 == rc) {
+ /* rc == 0; optarg_extawdn is passed in;
+ * not null terminated */
+ *(optarg_ext + len) = '\0';
+ s = slapi_ch_strdup(optarg_ext);
+ }
+ charray_add(&db2ldif_exclude, slapi_dn_ignore_case(s));
}
break;
case 'r': /* db2ldif for replication */
diff --git a/ldap/servers/slapd/mapping_tree.c b/ldap/servers/slapd/mapping_tree.c
index cc007df..580accc 100644
--- a/ldap/servers/slapd/mapping_tree.c
+++ b/ldap/servers/slapd/mapping_tree.c
@@ -386,8 +386,7 @@ get_parent_from_entry(Slapi_Entry * entry)
*ptr = '\0';
}
}
- parent_sdn =
- slapi_sdn_new_dn_passin(slapi_create_dn_string("%s", parent));
+ parent_sdn = slapi_sdn_new_dn_passin(slapi_ch_smprintf("%s", parent));
slapi_ch_free_string(&origparent);
}
@@ -433,7 +432,7 @@ get_subtree_from_entry(Slapi_Entry * entry)
*ptr = '\0';
}
}
- subtree = slapi_sdn_new_dn_passin(slapi_create_dn_string("%s", cn));
+ subtree = slapi_sdn_new_dn_passin(slapi_ch_smprintf("%s", cn));
slapi_ch_free_string(&origcn);
}
@@ -2128,8 +2127,7 @@ int slapi_mapping_tree_select_all(Slapi_PBlock *pb, Slapi_Backend **be_list,
Slapi_Backend * be;
Slapi_Entry * referral;
int scope = LDAP_SCOPE_BASE;
- Slapi_DN sdn;
- char *base;
+ Slapi_DN *sdn = NULL;
int flag_partial_result = 0;
int op_type;
@@ -2142,8 +2140,11 @@ int slapi_mapping_tree_select_all(Slapi_PBlock *pb, Slapi_Backend **be_list,
}
/* get the operational parameters */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
- slapi_sdn_init_dn_ndn_byref(&sdn, base); /* normalized in opshared.c */
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ if (NULL == sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL, "Error: Null target DN");
+ return LDAP_OPERATIONS_ERROR;
+ }
slapi_pblock_get(pb, SLAPI_OPERATION, &op);
target_sdn = operation_get_target_spec (op);
slapi_pblock_get(pb, SLAPI_OPERATION_TYPE, &op_type);
@@ -2188,8 +2189,8 @@ int slapi_mapping_tree_select_all(Slapi_PBlock *pb, Slapi_Backend **be_list,
/* flag we have problems at least on part of the tree */
flag_partial_result = 1;
}
- else if ( ( ((!slapi_sdn_issuffix(&sdn, slapi_mtn_get_dn(node))
- && !slapi_sdn_issuffix(slapi_mtn_get_dn(node), &sdn)))
+ else if ( ( ((!slapi_sdn_issuffix(sdn, slapi_mtn_get_dn(node))
+ && !slapi_sdn_issuffix(slapi_mtn_get_dn(node), sdn)))
|| ((node_list == mapping_tree_root) && node->mtn_private
&& (scope != LDAP_SCOPE_BASE)) )
&& (!be || strncmp(be->be_name, "default", 8)))
@@ -2238,7 +2239,6 @@ int slapi_mapping_tree_select_all(Slapi_PBlock *pb, Slapi_Backend **be_list,
&referral, errorbuf, scope);
}
mtn_unlock();
- slapi_sdn_done(&sdn);
be_list[be_index] = NULL;
referral_list[referral_index] = NULL;
@@ -2839,8 +2839,8 @@ slapi_get_mapping_tree_node_configdn (const Slapi_DN *root)
return NULL;
/* This function converts the old DN style to the new one. */
- dn = slapi_create_dn_string("cn=\"%s\",%s",
- slapi_sdn_get_dn(root), MAPPING_TREE_BASE_DN);
+ dn = slapi_ch_smprintf("cn=\"%s\",%s",
+ slapi_sdn_get_ndn(root), MAPPING_TREE_BASE_DN);
if (NULL == dn) {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
"slapi_get_mapping_tree_node_configdn: "
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 219ac72..6e70347 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -138,7 +138,7 @@ do_modify( Slapi_PBlock *pb )
int ignored_some_mods = 0;
int has_password_mod = 0; /* number of password mods */
char *old_pw = NULL; /* remember the old password */
- char *dn = NULL;
+ char *rawdn = NULL;
LDAPDebug( LDAP_DEBUG_TRACE, "do_modify\n", 0, 0, 0 );
@@ -168,8 +168,6 @@ do_modify( Slapi_PBlock *pb )
*/
{
- char *rawdn = NULL;
- size_t dnlen = 0;
int rc = 0;
if ( ber_scanf( ber, "{a", &rawdn ) == LBER_ERROR )
{
@@ -193,24 +191,12 @@ do_modify( Slapi_PBlock *pb )
return;
}
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "MOD", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free((void **) &rawdn);
- return;
- } else if (rc > 0) { /* if rc == 0, rawdn is passed in */
- slapi_ch_free_string(&rawdn);
- } else { /* rc == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
- }
}
- LDAPDebug( LDAP_DEBUG_ARGS, "do_modify: dn (%s)\n", dn, 0, 0 );
+ LDAPDebug( LDAP_DEBUG_ARGS, "do_modify: dn (%s)\n", rawdn, 0, 0 );
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &pb->pb_op->o_isroot);
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn );
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, rawdn );
/* collect modifications & save for later */
slapi_mods_init(&smods, 0);
@@ -227,7 +213,7 @@ do_modify( Slapi_PBlock *pb )
if ( ber_scanf( ber, "{i{a[V]}}", &mod_op, &type,
&mod->mod_bvalues ) == LBER_ERROR )
{
- op_shared_log_error_access (pb, "MOD", dn, "decoding error");
+ op_shared_log_error_access (pb, "MOD", rawdn, "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"decoding error", 0, NULL );
ber_bvecfree(mod->mod_bvalues);
@@ -240,7 +226,7 @@ do_modify( Slapi_PBlock *pb )
if ( !mod->mod_type || !*mod->mod_type ) {
char ebuf[BUFSIZ];
PR_snprintf (ebuf, BUFSIZ, "invalid type '%s'", type);
- op_shared_log_error_access (pb, "MOD", dn, ebuf);
+ op_shared_log_error_access (pb, "MOD", rawdn, ebuf);
send_ldap_result( pb, LDAP_INVALID_SYNTAX, NULL, ebuf, 0, NULL );
slapi_ch_free((void **)&type);
ber_bvecfree(mod->mod_bvalues);
@@ -254,7 +240,7 @@ do_modify( Slapi_PBlock *pb )
mod->mod_op != LDAP_MOD_DELETE &&
mod->mod_op != LDAP_MOD_REPLACE )
{
- op_shared_log_error_access (pb, "MOD", dn, "unrecognized modify operation");
+ op_shared_log_error_access (pb, "MOD", rawdn, "unrecognized modify operation");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"unrecognized modify operation", 0, NULL );
ber_bvecfree(mod->mod_bvalues);
@@ -267,7 +253,7 @@ do_modify( Slapi_PBlock *pb )
&& mod->mod_op != LDAP_MOD_DELETE
&& mod->mod_op != LDAP_MOD_REPLACE )
{
- op_shared_log_error_access (pb, "MOD", dn, "no values given");
+ op_shared_log_error_access (pb, "MOD", rawdn, "no values given");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
"no values given", 0, NULL );
ber_bvecfree(mod->mod_bvalues);
@@ -317,7 +303,7 @@ do_modify( Slapi_PBlock *pb )
if ( ( len == 0 ) && ( 0 == smods.num_elements ) && !ignored_some_mods ) {
/* ok - empty modify - allow empty modifies */
} else if ( len != -1 ) {
- op_shared_log_error_access (pb, "MOD", dn, "decoding error");
+ op_shared_log_error_access (pb, "MOD", rawdn, "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL, "decoding error", 0, NULL );
goto free_and_return;
}
@@ -326,7 +312,7 @@ do_modify( Slapi_PBlock *pb )
#else
if ( tag != LBER_END_OF_SEQORSET )
{
- op_shared_log_error_access (pb, "MOD", dn, "decoding error");
+ op_shared_log_error_access (pb, "MOD", rawdn, "decoding error");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL, "decoding error", 0, NULL );
goto free_and_return;
}
@@ -335,7 +321,7 @@ do_modify( Slapi_PBlock *pb )
/* decode the optional controls - put them in the pblock */
if ( (err = get_ldapmessage_controls( pb, ber, NULL )) != 0 )
{
- op_shared_log_error_access (pb, "MOD", dn, "failed to decode LDAP controls");
+ op_shared_log_error_access (pb, "MOD", rawdn, "failed to decode LDAP controls");
send_ldap_result( pb, err, NULL, NULL, 0, NULL );
goto free_and_return;
}
@@ -362,7 +348,7 @@ do_modify( Slapi_PBlock *pb )
pb->pb_conn->c_needpw && pw_change == 0 )
{
(void)slapi_add_pwd_control ( pb, LDAP_CONTROL_PWEXPIRED, 0);
- op_shared_log_error_access (pb, "MOD", dn, "need new password");
+ op_shared_log_error_access (pb, "MOD", rawdn, "need new password");
send_ldap_result( pb, LDAP_UNWILLING_TO_PERFORM, NULL, NULL, 0, NULL );
goto free_and_return;
}
@@ -387,7 +373,7 @@ do_modify( Slapi_PBlock *pb )
ldap_mods_free (mods, 1 /* Free the Array and the Elements */);
free_and_return:;
- slapi_ch_free ((void**)&dn);
+ slapi_ch_free ((void**)&rawdn);
slapi_mods_done(&smods);
}
@@ -583,8 +569,9 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
Slapi_Entry *referral;
Slapi_Entry *e = NULL;
char ebuf[BUFSIZ];
- char *dn;
- Slapi_DN sdn;
+ char *dn = NULL;
+ char *normdn = NULL;
+ Slapi_DN *sdn = NULL;
LDAPMod **mods, *pw_mod, **tmpmods = NULL;
Slapi_Mods smods;
Slapi_Mods unhashed_pw_smod;
@@ -608,23 +595,23 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
slapi_pblock_get (pb, SLAPI_SKIP_MODIFIED_ATTRS, &skip_modified_attrs);
- if (dn == NULL)
- {
- slapi_sdn_init_dn_byref (&sdn, "");
- }
- else
- {
- slapi_sdn_init_dn_byref (&sdn, dn);
+ sdn = slapi_sdn_new_dn_byval(dn);
+ normdn = (char *)slapi_sdn_get_dn(sdn);
+ slapi_pblock_set(pb, SLAPI_MODIFY_TARGET_SDN, (void*)sdn);
+ if (dn && (strlen(dn) > 0) && (NULL == normdn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "MOD", dn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid dn", 0, NULL);
+ goto free_and_return;
}
- slapi_pblock_set(pb, SLAPI_MODIFY_TARGET, (void*)slapi_sdn_get_ndn (&sdn));
-
- slapi_mods_init_passin (&smods, mods);
+ slapi_mods_init_passin (&smods, mods);
slapi_mods_init(&unhashed_pw_smod, 0);
/* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (pb->pb_op, &sdn);
+ operation_set_target_spec (pb->pb_op, sdn);
/* get the proxy auth dn if the proxy auth control is present */
proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext);
@@ -643,7 +630,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
slapi_log_access(LDAP_DEBUG_STATS, "conn=%" NSPRIu64 " op=%d MOD dn=\"%s\"%s\n",
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
- escape_string(slapi_sdn_get_dn(&sdn), ebuf),
+ escape_string(slapi_sdn_get_dn(sdn), ebuf),
proxystr ? proxystr : "");
}
else
@@ -651,7 +638,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
slapi_log_access(LDAP_DEBUG_ARGS, "conn=%s op=%d MOD dn=\"%s\"%s\n",
LOG_INTERNAL_OP_CON_ID,
LOG_INTERNAL_OP_OP_ID,
- escape_string(slapi_sdn_get_dn(&sdn), ebuf),
+ escape_string(slapi_sdn_get_dn(sdn), ebuf),
proxystr ? proxystr : "");
}
@@ -702,8 +689,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
* 2. If yes, then if the mods contain any passwdpolicy specific attributes.
* 3. If yes, then it invokes corrosponding checking function.
*/
- if ( !repl_op && !internal_op && dn &&
- (e = get_entry(pb, slapi_dn_normalize(dn))) )
+ if ( !repl_op && !internal_op && normdn && (e = get_entry(pb, normdn)) )
{
Slapi_Value target;
slapi_value_init(&target);
@@ -785,7 +771,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
valuearray_init_bervalarray(pw_mod->mod_bvalues, &va);
/* encode password */
- pw_encodevals_ext(pb, &sdn, va);
+ pw_encodevals_ext(pb, sdn, va);
/* remove current clear value of userpassword */
ber_bvecfree(pw_mod->mod_bvalues);
@@ -971,12 +957,14 @@ free_and_return:
if (be)
slapi_be_Unlock(be);
- slapi_sdn_done(&sdn);
if (unhashed_pw_attr)
slapi_ch_free ((void**)&unhashed_pw_attr);
slapi_ch_free_string(&proxydn);
+
+ slapi_pblock_get(pb, SLAPI_MODIFY_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
}
static void remove_mod (Slapi_Mods *smods, const char *type, Slapi_Mods *smod_unhashed)
diff --git a/ldap/servers/slapd/modrdn.c b/ldap/servers/slapd/modrdn.c
index 24e444c..ad992c5 100644
--- a/ldap/servers/slapd/modrdn.c
+++ b/ldap/servers/slapd/modrdn.c
@@ -73,17 +73,16 @@ do_modrdn( Slapi_PBlock *pb )
Slapi_Operation *operation;
BerElement *ber;
char *rawdn = NULL, *rawnewsuperior = NULL;
- char *dn = NULL, *newsuperior = NULL;
+ const char *dn = NULL, *newsuperior = NULL;
char *rawnewrdn = NULL;
char *newrdn = NULL;
int err = 0, deloldrdn = 0;
ber_len_t len = 0;
- size_t dnlen = 0;
char *newdn = NULL;
char *parent = NULL;
Slapi_DN sdn = {0};
Slapi_DN snewdn = {0};
- Slapi_DN snewsuperior = {0};
+ Slapi_DN *snewsuperior = NULL;
LDAPDebug( LDAP_DEBUG_TRACE, "do_modrdn\n", 0, 0, 0 );
@@ -169,34 +168,29 @@ do_modrdn( Slapi_PBlock *pb )
goto free_and_return;
}
}
- err = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (err < 0) {
- op_shared_log_error_access(pb, "MODRDN", rawdn?rawdn:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free_string( &rawdn );
+ slapi_sdn_init_dn_passin(&sdn, rawdn);
+ dn = slapi_sdn_get_dn(&sdn);
+ if (rawdn && (strlen(rawdn) > 0) && (NULL == dn)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "MODRDN", rawdn, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid dn", 0, NULL);
slapi_ch_free_string( &rawnewrdn );
slapi_ch_free_string( &rawnewsuperior );
goto free_and_return;
- } else if (err > 0) {
- slapi_ch_free((void **) &rawdn);
- } else { /* err == 0; rawdn is passed in; not null terminated */
- *(dn + dnlen) = '\0';
}
- err = slapi_dn_normalize_ext(rawnewrdn, 0, &newrdn, &dnlen);
- if (err < 0) {
- op_shared_log_error_access(pb, "MODRDN", rawnewrdn?rawnewrdn:"",
- "invalid new rdn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid new rdn", 0, NULL);
+ newrdn = slapi_create_dn_string("%s", rawnewrdn);
+ if (rawnewrdn && (NULL == newrdn)) {
+ op_shared_log_error_access(pb, "MODRDN", rawnewrdn, "invalid newrdn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
+ NULL, "invalid newrdn", 0, NULL);
slapi_ch_free_string( &rawnewrdn );
slapi_ch_free_string( &rawnewsuperior );
goto free_and_return;
- } else if (err > 0) {
- slapi_ch_free((void **) &rawnewrdn);
- } else { /* err == 0; rawnewdn is passed in; not null terminated */
- *(newrdn + dnlen) = '\0';
}
+ slapi_dn_ignore_case( newrdn );
+ slapi_ch_free_string( &rawnewrdn );
+
if (rawnewsuperior) {
if (config_get_dn_validate_strict()) {
/* check that the dn is formatted correctly */
@@ -210,19 +204,8 @@ do_modrdn( Slapi_PBlock *pb )
goto free_and_return;
}
}
- err = slapi_dn_normalize_ext(rawnewsuperior, 0, &newsuperior, &dnlen);
- if (err < 0) {
- op_shared_log_error_access(pb, "MODRDN", rawnewsuperior,
- "invalid new superior");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid new superior", 0, NULL);
- slapi_ch_free_string( &rawnewsuperior);
- goto free_and_return;
- } else if (err > 0) {
- slapi_ch_free((void **) &rawnewsuperior);
- } else { /* err == 0; rawnewsuperior is passed in; not terminated */
- *(newsuperior + dnlen) = '\0';
- }
+ snewsuperior = slapi_sdn_new_dn_passin(rawnewsuperior);
+ newsuperior = slapi_sdn_get_dn(snewsuperior);
}
/*
@@ -230,27 +213,24 @@ do_modrdn( Slapi_PBlock *pb )
* Note: need to check the case newrdn is given, and newsuperior
* uses the newrdn, as well.
*/
- /* Both newrdn and dn are already normalized. */
- parent = slapi_dn_parent(dn);
+ parent = slapi_dn_parent(slapi_sdn_get_ndn(&sdn));
newdn = slapi_ch_smprintf("%s,%s", newrdn, parent);
- slapi_sdn_set_dn_byref(&sdn, dn);
- slapi_sdn_set_dn_byref(&snewdn, newdn);
- slapi_sdn_set_dn_byref(&snewsuperior, newsuperior);
- if (0 == slapi_sdn_compare(&sdn, &snewsuperior) ||
- 0 == slapi_sdn_compare(&snewdn, &snewsuperior)) {
- op_shared_log_error_access(pb, "MODRDN", rawnewsuperior,
+ slapi_sdn_init_normdn_passin(&snewdn, newdn); /* newdn is normalized */
+ if (0 == slapi_sdn_compare(&sdn, snewsuperior) ||
+ 0 == slapi_sdn_compare(&snewdn, snewsuperior)) {
+ op_shared_log_error_access(pb, "MODRDN", newsuperior,
"new superior is identical to the entry dn");
send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,
"new superior is identical to the entry dn", 0, NULL);
goto free_and_return;
}
- if (slapi_sdn_issuffix(&snewsuperior, &sdn) ||
- slapi_sdn_issuffix(&snewsuperior, &snewdn)) {
+ if (slapi_sdn_issuffix(snewsuperior, &sdn) ||
+ slapi_sdn_issuffix(snewsuperior, &snewdn)) {
/* E.g.,
* newsuperior: ou=sub,ou=people,dc=example,dc=com
* dn: ou=people,dc=example,dc=com
*/
- op_shared_log_error_access(pb, "MODRDN", rawnewsuperior,
+ op_shared_log_error_access(pb, "MODRDN", newsuperior,
"new superior is descendent of the entry");
send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,
"new superior is descendent of the entry", 0, NULL);
@@ -273,24 +253,22 @@ do_modrdn( Slapi_PBlock *pb )
deloldrdn );
slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &pb->pb_op->o_isroot );
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn );
- slapi_pblock_set( pb, SLAPI_MODRDN_NEWRDN, newrdn );
- slapi_pblock_set( pb, SLAPI_MODRDN_NEWSUPERIOR, newsuperior );
+ /* dn, newrdn and newsuperior are all normalized */
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET,
+ (void *)slapi_sdn_get_udn(&sdn) );
+ slapi_pblock_set( pb, SLAPI_MODRDN_TARGET_SDN, &sdn );
+ slapi_pblock_set( pb, SLAPI_MODRDN_NEWRDN, (void *)newrdn );
+ slapi_pblock_set( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, (void *)snewsuperior );
slapi_pblock_set( pb, SLAPI_MODRDN_DELOLDRDN, &deloldrdn );
- op_shared_rename(pb, 1 /* pass in ownership of string arguments */ );
- goto ok_return;
+ op_shared_rename(pb, 0 /* do not pass in ownership of string arguments */ );
free_and_return:
- slapi_ch_free_string( &dn );
- slapi_ch_free_string( &newrdn );
- slapi_ch_free_string( &newsuperior );
-ok_return:
slapi_sdn_done(&sdn);
+ slapi_ch_free_string(&newrdn);
+ slapi_sdn_free(&snewsuperior);
slapi_sdn_done(&snewdn);
- slapi_sdn_done(&snewsuperior);
slapi_ch_free_string(&parent);
- slapi_ch_free_string(&newdn);
return;
}
@@ -311,20 +289,28 @@ slapi_rename_internal(const char *iodn, const char *inewrdn, const char *inewsup
Slapi_PBlock pb;
Slapi_PBlock *result_pb = NULL;
int opresult= 0;
+ Slapi_DN sdn = {0};
+ Slapi_DN newsuperiorsdn = {0};
pblock_init (&pb);
- slapi_rename_internal_set_pb (&pb, iodn, inewrdn, inewsuperior, deloldrdn,
- controls, NULL, plugin_get_default_component_id(), 0);
+ slapi_sdn_init_dn_byref(&sdn, iodn);
+ slapi_sdn_init_dn_byref(&newsuperiorsdn, inewsuperior);
+
+ slapi_rename_internal_set_pb_ext(&pb, &sdn, inewrdn, &newsuperiorsdn,
+ deloldrdn, controls, NULL,
+ plugin_get_default_component_id(), 0);
rename_internal_pb (&pb);
result_pb = slapi_pblock_new();
- if (result_pb)
- {
- slapi_pblock_get(&pb, SLAPI_PLUGIN_INTOP_RESULT, &opresult);
- slapi_pblock_set(result_pb, SLAPI_PLUGIN_INTOP_RESULT, &opresult);
+ if (result_pb) {
+ slapi_pblock_get(&pb, SLAPI_PLUGIN_INTOP_RESULT, &opresult);
+ slapi_pblock_set(result_pb, SLAPI_PLUGIN_INTOP_RESULT, &opresult);
}
- pblock_done(&pb);
+
+ slapi_sdn_done(&sdn);
+ slapi_sdn_done(&newsuperiorsdn);
+ pblock_done(&pb);
return result_pb;
}
@@ -352,32 +338,39 @@ int slapi_modrdn_internal_pb (Slapi_PBlock *pb)
return rename_internal_pb (pb);
}
-/* Initialize a pblock for a call to slapi_modrdn_internal_pb() */
-void slapi_rename_internal_set_pb (Slapi_PBlock *pb, const char *olddn, const char *newrdn, const char *newsuperior, int deloldrdn,
- LDAPControl **controls, const char *uniqueid, Slapi_ComponentId *plugin_identity, int operation_flags)
+void
+slapi_rename_internal_set_pb_ext(Slapi_PBlock *pb,
+ const Slapi_DN *olddn,
+ const char *newrdn, /* normalized */
+ const Slapi_DN *newsuperior, int deloldrdn,
+ LDAPControl **controls, const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
{
- Operation *op;
- PR_ASSERT (pb != NULL);
- if (pb == NULL || olddn == NULL || newrdn == NULL)
- {
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
- "slapi_rename_internal_set_pb: NULL parameter\n");
- return;
- }
+ Operation *op;
+ PR_ASSERT (pb != NULL);
+ if (pb == NULL || olddn == NULL || newrdn == NULL)
+ {
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "slapi_rename_internal_set_pb: NULL parameter\n");
+ return;
+ }
- op= internal_operation_new(SLAPI_OPERATION_MODRDN,operation_flags);
- slapi_pblock_set(pb, SLAPI_OPERATION, op);
- slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET, (void*)olddn);
+ op = internal_operation_new(SLAPI_OPERATION_MODRDN,operation_flags);
+ slapi_pblock_set(pb, SLAPI_OPERATION, op);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET,
+ (void*)slapi_sdn_get_dn(olddn));
+ slapi_pblock_set(pb, SLAPI_MODRDN_TARGET_SDN, (void*)olddn);
slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, (void*)newrdn);
- slapi_pblock_set(pb, SLAPI_MODRDN_NEWSUPERIOR, (void*)newsuperior);
+ slapi_pblock_set(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, (void*)newsuperior);
slapi_pblock_set(pb, SLAPI_MODRDN_DELOLDRDN, &deloldrdn);
- slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
- slapi_pblock_set(pb, SLAPI_MODIFY_MODS, NULL);
- if (uniqueid)
- {
- slapi_pblock_set(pb, SLAPI_TARGET_UNIQUEID, (void*)uniqueid);
- }
- slapi_pblock_set(pb, SLAPI_PLUGIN_IDENTITY, plugin_identity);
+ slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
+ slapi_pblock_set(pb, SLAPI_MODIFY_MODS, NULL);
+ if (uniqueid)
+ {
+ slapi_pblock_set(pb, SLAPI_TARGET_UNIQUEID, (void*)uniqueid);
+ }
+ slapi_pblock_set(pb, SLAPI_PLUGIN_IDENTITY, plugin_identity);
}
/* Helper functions */
@@ -418,18 +411,19 @@ static int rename_internal_pb (Slapi_PBlock *pb)
* Beware: this function resets the following pblock elements that were
* set by the caller:
*
- * SLAPI_MODRDN_TARGET
+ * SLAPI_MODRDN_TARGET_SDN
* SLAPI_MODRDN_NEWRDN
- * SLAPI_MODRDN_NEWSUPERIOR
+ * SLAPI_MODRDN_NEWSUPERIOR_SDN
*/
static void
op_shared_rename(Slapi_PBlock *pb, int passin_args)
{
- char *dn, *newsuperior, *newrdn, *newdn = NULL;
+ char *dn, *newrdn, *newdn = NULL;
+ const char *newsuperior;
char **rdns;
int deloldrdn;
Slapi_Backend *be = NULL;
- Slapi_DN sdn = {0};
+ Slapi_DN *origsdn = NULL;
Slapi_Mods smods;
char dnbuf[BUFSIZ];
char newrdnbuf[BUFSIZ];
@@ -443,13 +437,16 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
char *proxystr = NULL;
int proxy_err = LDAP_SUCCESS;
char *errtext = NULL;
+ Slapi_DN *sdn = NULL;
+ Slapi_DN *newsuperiorsdn = NULL;
slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET, &dn);
slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &newrdn);
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &newsuperior);
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperiorsdn);
slapi_pblock_get(pb, SLAPI_MODRDN_DELOLDRDN, &deloldrdn);
slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &repl_op);
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
+ slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &origsdn);
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
/*
@@ -462,26 +459,31 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
* that we will not free these parameters... so if passin_args is
* zero, we need to make copies.
*
- * In the case of SLAPI_MODRDN_TARGET and SLAPI_MODRDN_NEWSUPERIOR, we
- * replace the existing values with normalized values (because plugins
+ * In the case of SLAPI_MODRDN_TARGET_SDN and SLAPI_MODRDN_NEWSUPERIOR_SDN,
+ * we replace the existing values with normalized values (because plugins
* expect these DNs to be normalized).
*/
- if ( passin_args ) {
- slapi_sdn_init_dn_passin(&sdn,dn); /* freed by slapi_sdn_done() */
+
+ if (NULL == origsdn) {
+ sdn = slapi_sdn_new_dn_byval(dn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_TARGET_SDN, sdn);
+ }
+ if (passin_args) {
+ if (NULL == sdn) { /* origsdn is not NULL, so use it. */
+ sdn = origsdn;
+ }
} else {
- slapi_sdn_init_dn_byref(&sdn,dn);
- }
- if ( !passin_args ) {
- newrdn = slapi_ch_strdup( newrdn );
- newsuperior = slapi_ch_strdup( newsuperior );
- }
- if ( NULL != newsuperior ) {
- slapi_dn_normalize_case( newsuperior ); /* normalize in place */
+ if (NULL == sdn) {
+ sdn = slapi_sdn_dup(origsdn);
+ }
+ newrdn = slapi_ch_strdup(newrdn);
+ newsuperiorsdn = slapi_sdn_dup(newsuperiorsdn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_TARGET_SDN, sdn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, (void *)newrdn);
+ slapi_pblock_set(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, newsuperiorsdn);
}
- slapi_pblock_set (pb, SLAPI_MODRDN_TARGET,
- (void*)slapi_ch_strdup(slapi_sdn_get_ndn (&sdn)));
- slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, (void *)newrdn );
- slapi_pblock_set(pb, SLAPI_MODRDN_NEWSUPERIOR, (void *)newsuperior);
+ /* normdn = slapi_sdn_get_dn(sdn); */
+ newsuperior = slapi_sdn_get_dn(newsuperiorsdn);
/* get the proxy auth dn if the proxy auth control is present */
proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext);
@@ -589,13 +591,13 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
}
/* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (pb->pb_op, &sdn);
+ operation_set_target_spec (pb->pb_op, sdn);
/*
- * Construct the new DN (code copied from backend
+ * Construct the new DN (code sdn from backend
* and modified to handle newsuperior)
*/
- newdn = slapi_moddn_get_newdn(&sdn,newrdn,newsuperior);
+ newdn = slapi_moddn_get_newdn(sdn, newrdn, newsuperior);
/*
* We could be serving multiple database backends. Select the
@@ -695,8 +697,20 @@ free_and_return_nolock:
LDAPMod **mods;
char *s;
- slapi_ch_free((void **) &newdn);
- slapi_sdn_done(&sdn);
+ if (passin_args) {
+ if (NULL == origsdn) {
+ slapi_sdn_free(&sdn);
+ }
+ } else {
+ slapi_pblock_get(pb, SLAPI_MODRDN_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &newrdn);
+ slapi_ch_free_string(&newrdn);
+ slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &newsuperiorsdn);
+ slapi_sdn_free(&newsuperiorsdn);
+ }
+ slapi_ch_free_string(&newdn);
+
slapi_pblock_get(pb, SLAPI_ENTRY_PRE_OP, &ecopy);
slapi_entry_free(ecopy);
slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &pse);
@@ -706,13 +720,6 @@ free_and_return_nolock:
slapi_ch_free_string(&proxydn);
slapi_ch_free_string(&proxystr);
- /* retrieve these in case a pre- or post-op plugin has changed them */
- slapi_pblock_get(pb, SLAPI_MODRDN_TARGET, &s);
- slapi_ch_free((void **)&s);
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &s);
- slapi_ch_free((void **)&s);
- slapi_pblock_get(pb, SLAPI_MODRDN_NEWSUPERIOR, &s);
- slapi_ch_free((void **)&s);
slapi_pblock_get(pb, SLAPI_URP_NAMING_COLLISION_DN, &s);
slapi_ch_free((void **)&s);
}
diff --git a/ldap/servers/slapd/operation.c b/ldap/servers/slapd/operation.c
index 185723e..1479ee9 100644
--- a/ldap/servers/slapd/operation.c
+++ b/ldap/servers/slapd/operation.c
@@ -398,17 +398,17 @@ copy_mods(LDAPMod **orig_mods)
struct slapi_operation_parameters *
operation_parameters_dup(struct slapi_operation_parameters *sop)
{
- struct slapi_operation_parameters *sop_new= (struct slapi_operation_parameters *)
+ struct slapi_operation_parameters *sop_new = (struct slapi_operation_parameters *)
slapi_ch_malloc(sizeof(struct slapi_operation_parameters));
memcpy(sop_new,sop,sizeof(struct slapi_operation_parameters));
- if(sop->target_address.dn!=NULL)
- {
- sop_new->target_address.dn= slapi_ch_strdup(sop->target_address.dn);
- }
if(sop->target_address.uniqueid!=NULL)
{
sop_new->target_address.uniqueid= slapi_ch_strdup(sop->target_address.uniqueid);
}
+ if(sop->target_address.sdn != NULL)
+ {
+ sop_new->target_address.sdn = slapi_sdn_dup(sop->target_address.sdn);
+ }
sop_new->csn= csn_dup(sop->csn);
switch(sop->operation_type)
@@ -429,10 +429,10 @@ operation_parameters_dup(struct slapi_operation_parameters *sop)
{
sop_new->p.p_modrdn.modrdn_newrdn= slapi_ch_strdup(sop->p.p_modrdn.modrdn_newrdn);
}
- if(sop->p.p_modrdn.modrdn_newsuperior_address.dn!=NULL)
+ if(sop->p.p_modrdn.modrdn_newsuperior_address.sdn!=NULL)
{
- sop_new->p.p_modrdn.modrdn_newsuperior_address.dn =
- slapi_ch_strdup(sop->p.p_modrdn.modrdn_newsuperior_address.dn);
+ sop_new->p.p_modrdn.modrdn_newsuperior_address.sdn =
+ slapi_sdn_dup(sop->p.p_modrdn.modrdn_newsuperior_address.sdn);
}
if(sop->p.p_modrdn.modrdn_newsuperior_address.uniqueid!=NULL)
{
@@ -462,8 +462,9 @@ operation_parameters_done (struct slapi_operation_parameters *sop)
{
if(sop!=NULL)
{
- slapi_ch_free((void **)&sop->target_address.dn);
slapi_ch_free((void **)&sop->target_address.uniqueid);
+ slapi_sdn_free(&sop->target_address.sdn);
+
csn_free(&sop->csn);
switch(sop->operation_type)
@@ -479,7 +480,6 @@ operation_parameters_done (struct slapi_operation_parameters *sop)
break;
case SLAPI_OPERATION_MODRDN:
slapi_ch_free((void **)&(sop->p.p_modrdn.modrdn_newrdn));
- slapi_ch_free((void **)&(sop->p.p_modrdn.modrdn_newsuperior_address.dn));
slapi_ch_free((void **)&(sop->p.p_modrdn.modrdn_newsuperior_address.uniqueid));
ldap_mods_free(sop->p.p_modrdn.modrdn_mods, 1 /* Free the Array and the Elements */);
sop->p.p_modrdn.modrdn_mods= NULL;
@@ -504,8 +504,3 @@ void operation_parameters_free(struct slapi_operation_parameters **sop)
slapi_ch_free ((void**)sop);
}
}
-
-
-
-
-
diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c
index 1af97c6..25232b5 100644
--- a/ldap/servers/slapd/opshared.c
+++ b/ldap/servers/slapd/opshared.c
@@ -188,7 +188,9 @@ void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods)
void
op_shared_search (Slapi_PBlock *pb, int send_result)
{
- char *base, *fstr;
+ char *base = NULL;
+ const char *normbase = NULL;
+ char *fstr;
int scope;
Slapi_Backend *be = NULL;
Slapi_Backend *be_single = NULL;
@@ -198,7 +200,8 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
char attrlistbuf[ 1024 ], *attrliststr, **attrs = NULL;
int rc = 0;
int internal_op;
- Slapi_DN sdn;
+ Slapi_DN *basesdn = NULL;
+ Slapi_DN *sdn = NULL;
Slapi_Operation *operation;
Slapi_Entry *referral = NULL;
char *proxydn = NULL;
@@ -225,14 +228,27 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
int curr_search_count = 0;
Slapi_Backend *pr_be = NULL;
void *pr_search_result = NULL;
- int pr_search_result_count = 0;
int pr_reset_processing = 0;
be_list[0] = NULL;
referral_list[0] = NULL;
/* get search parameters */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &base);
+
+ sdn = slapi_sdn_new_dn_byval(base);
+ normbase = slapi_sdn_get_dn(sdn);
+
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, sdn);
+ if (base && (strlen(base) > 0) && (NULL == normbase)) {
+ /* normalization failed */
+ op_shared_log_error_access(pb, "SRCH", base, "invalid dn");
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL, "invalid dn", 0, NULL);
+ rc = -1;
+ goto free_and_return_nolock;
+ }
+ basesdn = slapi_sdn_dup(sdn);
+
slapi_pblock_get(pb, SLAPI_SEARCH_SCOPE, &scope);
slapi_pblock_get(pb, SLAPI_SEARCH_STRFILTER, &fstr);
slapi_pblock_get(pb, SLAPI_SEARCH_ATTRS, &attrs);
@@ -240,8 +256,6 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
flag_psearch = operation_is_flag_set(operation, OP_FLAG_PS);
- slapi_sdn_init_dn_byref(&sdn, base);
-
/* get the proxy auth dn if the proxy auth control is present */
proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext);
@@ -298,7 +312,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
slapi_log_access(LDAP_DEBUG_STATS, fmtstr,
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
- escape_string(slapi_sdn_get_dn (&sdn), ebuf),
+ escape_string(normbase, ebuf),
scope, fstr, attrliststr,
flag_psearch ? " options=persistent" : "",
proxystr ? proxystr : "");
@@ -308,7 +322,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
slapi_log_access(LDAP_DEBUG_ARGS, fmtstr,
LOG_INTERNAL_OP_CON_ID,
LOG_INTERNAL_OP_OP_ID,
- escape_string(slapi_sdn_get_dn (&sdn), ebuf),
+ escape_string(normbase, ebuf),
scope, fstr, attrliststr,
flag_psearch ? " options=persistent" : "",
proxystr ? proxystr : "");
@@ -316,7 +330,8 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
}
/* If we encountered an error parsing the proxy control, return an error
- * to the client. We do this here to ensure that we log the operation first. */
+ * to the client. We do this here to ensure that we log the operation first.
+ */
if (proxy_err != LDAP_SUCCESS)
{
rc = -1;
@@ -324,10 +339,10 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
goto free_and_return_nolock;
}
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, (void*)slapi_sdn_get_ndn (&sdn));
-
- /* target spec is used to decide which plugins are applicable for the operation */
- operation_set_target_spec (pb->pb_op, &sdn);
+ /* target spec is used to decide which plugins are applicable for
+ * the operation. basesdn is duplicated and set to target spec.
+ */
+ operation_set_target_spec (pb->pb_op, basesdn);
/* this is time to check if mapping tree specific control
* was used to specify that we want to parse only
@@ -352,7 +367,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
else
{
/* we don't need no steenkin values */
- Slapi_Backend *searchbe = slapi_be_select( &sdn );
+ Slapi_Backend *searchbe = slapi_be_select( sdn );
if(searchbe && searchbe != defbackend_get_backend())
{
@@ -406,8 +421,6 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
operation->o_flags |= OP_FLAG_PAGED_RESULTS;
pr_be = pagedresults_get_current_be(pb->pb_conn);
pr_search_result = pagedresults_get_search_result(pb->pb_conn);
- pr_search_result_count =
- pagedresults_get_search_result_count(pb->pb_conn);
estimate =
pagedresults_get_search_result_set_size_estimate(pb->pb_conn);
if (pagedresults_get_unindexed(pb->pb_conn)) {
@@ -501,11 +514,23 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
goto free_and_return;
case -2: /* memory was allocated */
- /* take note of any changes */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
+ /* take note of any changes */
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
slapi_pblock_get(pb, SLAPI_SEARCH_SCOPE, &scope);
-
- slapi_sdn_set_dn_byref(&sdn, base);
+ if (NULL == sdn) {
+ send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,
+ "target dn is lost", 0, NULL);
+ rc = -1;
+ goto free_and_return;
+ }
+ if (slapi_sdn_compare(basesdn, sdn)) {
+ slapi_sdn_free(&basesdn);
+ basesdn = operation_get_target_spec(pb->pb_op);
+ slapi_sdn_free(&basesdn);
+ basesdn = slapi_sdn_dup(sdn);
+ operation_set_target_spec (pb->pb_op, basesdn);
+ }
+ normbase = slapi_sdn_get_dn(sdn);
break;
case -1:
@@ -551,7 +576,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
rc = -1; /* zero backends would mean failure */
while (be)
{
- const Slapi_DN * be_suffix;
+ const Slapi_DN *be_suffix;
int err = 0;
Slapi_Backend *next_be = NULL;
@@ -570,7 +595,7 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
* is below another backend because in that case the
* such searches should sometimes succeed
* To allow this we therefore have to change the
- * SLAPI_SEARCH_TARGET parameter in the pblock
+ * SLAPI_SEARCH_TARGET_SDN parameter in the pblock
*
* Also when we climb down the mapping tree we have to
* change ONE-LEVEL searches to BASE
@@ -636,25 +661,27 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
{
if ((be_name == NULL) && (scope == LDAP_SCOPE_ONELEVEL))
{
- /* one level searches
- * - depending on the suffix of the backend we might have to
- * do a one level search or a base search
- * - we might also have to change the search target
- */
- if (slapi_sdn_isparent(&sdn, be_suffix)
- || (slapi_sdn_get_ndn_len(&sdn) == 0))
+ /* one level searches
+ * - depending on the suffix of the backend we might have to
+ * do a one level search or a base search
+ * - we might also have to change the search target
+ */
+ if (slapi_sdn_isparent(basesdn, be_suffix) ||
+ (slapi_sdn_get_ndn_len(basesdn) == 0))
{
int tmp_scope = LDAP_SCOPE_BASE;
slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &tmp_scope);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET,
- (void *)slapi_sdn_get_ndn(be_suffix));
+
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ sdn = slapi_sdn_dup(be_suffix);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, (void *)sdn);
+ normbase = slapi_sdn_get_dn(sdn);
}
- else if (slapi_sdn_issuffix(&sdn, be_suffix))
+ else if (slapi_sdn_issuffix(basesdn, be_suffix))
{
int tmp_scope = LDAP_SCOPE_ONELEVEL;
slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &tmp_scope);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET,
- (void *)slapi_sdn_get_ndn (&sdn));
}
else
goto next_be;
@@ -662,19 +689,20 @@ op_shared_search (Slapi_PBlock *pb, int send_result)
/* subtree searches :
* if the search was started above the backend suffix
- * - temporarily set the SLAPI_SEARCH_TARGET to the
+ * - temporarily set the SLAPI_SEARCH_TARGET_SDN to the
* base of the node so that we don't get a NO SUCH OBJECT error
* - do not change the scope
*/
if (scope == LDAP_SCOPE_SUBTREE)
{
- if (slapi_sdn_issuffix(be_suffix, &sdn))
+ if (slapi_sdn_issuffix(be_suffix, basesdn))
{
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET,
- (void *)slapi_sdn_get_ndn(be_suffix));
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ sdn = slapi_sdn_dup(be_suffix);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, (void *)sdn);
+ normbase = slapi_sdn_get_dn(sdn);
}
- else
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, (void *)slapi_sdn_get_ndn(&sdn));
}
}
@@ -886,11 +914,15 @@ free_and_return:
else if (be_single)
slapi_be_Unlock(be_single);
- free_and_return_nolock:
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, base);
+free_and_return_nolock:
slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, &rc);
index_subsys_filter_decoders_done(pb);
- slapi_sdn_done(&sdn);
+
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ slapi_sdn_free(&basesdn);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, NULL);
+
slapi_ch_free_string(&proxydn);
slapi_ch_free_string(&proxystr);
if (pr_reset_processing) {
@@ -1146,10 +1178,8 @@ iterate(Slapi_PBlock *pb, Slapi_Backend *be, int send_result,
{
Slapi_Entry *gerentry = NULL;
Slapi_Operation *operation;
- int is_paged = 0;
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
- is_paged = operation->o_flags & OP_FLAG_PAGED_RESULTS;
rc = be->be_next_search_entry(pb);
if (rc < 0)
{
diff --git a/ldap/servers/slapd/passwd_extop.c b/ldap/servers/slapd/passwd_extop.c
index c1f00d2..a68602b 100644
--- a/ldap/servers/slapd/passwd_extop.c
+++ b/ldap/servers/slapd/passwd_extop.c
@@ -238,7 +238,6 @@ static int passwd_modify_generate_basic_passwd( int passlen, char **genpasswd )
char *data = NULL;
char *enc = NULL;
int datalen = LDAP_EXTOP_PASSMOD_RANDOM_BYTES;
- int enclen = LDAP_EXTOP_PASSMOD_GEN_PASSWD_LEN + 1;
if ( genpasswd == NULL ) {
return LDAP_OPERATIONS_ERROR;
@@ -246,7 +245,6 @@ static int passwd_modify_generate_basic_passwd( int passlen, char **genpasswd )
if ( passlen > 0 ) {
datalen = passlen * 3 / 4 + 1;
- enclen = datalen * 4; /* allocate the large enough space */
}
data = slapi_ch_calloc( datalen, 1 );
@@ -454,10 +452,10 @@ passwd_modify_extop( Slapi_PBlock *pb )
{
char *oid = NULL;
char *bindDN = NULL;
+ Slapi_DN *bindSDN = NULL;
char *authmethod = NULL;
char *rawdn = NULL;
- char *dn = NULL;
- size_t dnlen = 0;
+ const char *dn = NULL;
char *otdn = NULL;
char *oldPasswd = NULL;
char *newPasswd = NULL;
@@ -582,15 +580,13 @@ passwd_modify_extop( Slapi_PBlock *pb )
if (tag == LDAP_EXTOP_PASSMOD_TAG_USERID )
{
int rc = 0;
- if ( ber_scanf( ber, "a", &rawdn) == LBER_ERROR )
- {
- slapi_ch_free_string(&rawdn);
- LDAPDebug( LDAP_DEBUG_ANY,
- "ber_scanf failed :{\n", 0, 0, 0 );
- errMesg = "ber_scanf failed at userID parse.\n";
- rc = LDAP_PROTOCOL_ERROR;
- goto free_and_return;
- }
+ if ( ber_scanf( ber, "a", &rawdn) == LBER_ERROR ) {
+ slapi_ch_free_string(&rawdn);
+ LDAPDebug( LDAP_DEBUG_ANY, "ber_scanf failed :{\n", 0, 0, 0 );
+ errMesg = "ber_scanf failed at userID parse.\n";
+ rc = LDAP_PROTOCOL_ERROR;
+ goto free_and_return;
+ }
/* Check if we should be performing strict validation. */
if (config_get_dn_validate_strict()) {
@@ -605,50 +601,31 @@ passwd_modify_extop( Slapi_PBlock *pb )
goto free_and_return;
}
}
- rc = slapi_dn_normalize_ext(rawdn, 0, &dn, &dnlen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "EXT", rawdn?rawdn:"",
- "invalid target dn");
- slapi_ch_free_string(&rawdn);
- errMesg = "invalid target dn.\n";
- rc = LDAP_INVALID_SYNTAX;
- goto free_and_return;
- } else if (rc == 0) { /* rawdn is passed in, not terminated */
- *(dn + dnlen) = '\0';
- } else {
- slapi_ch_free_string(&rawdn);
- }
- tag = ber_peek_tag( ber, &len);
+ tag = ber_peek_tag(ber, &len);
}
-
/* identify oldPasswd field by tags */
- if (tag == LDAP_EXTOP_PASSMOD_TAG_OLDPWD )
- {
- if ( ber_scanf( ber, "a", &oldPasswd ) == LBER_ERROR )
- {
- slapi_ch_free_string(&oldPasswd);
- LDAPDebug( LDAP_DEBUG_ANY,
- "ber_scanf failed :{\n", 0, 0, 0 );
- errMesg = "ber_scanf failed at oldPasswd parse.\n";
- rc = LDAP_PROTOCOL_ERROR;
- goto free_and_return;
- }
+ if (tag == LDAP_EXTOP_PASSMOD_TAG_OLDPWD ) {
+ if ( ber_scanf( ber, "a", &oldPasswd ) == LBER_ERROR ) {
+ slapi_ch_free_string(&oldPasswd);
+ LDAPDebug( LDAP_DEBUG_ANY, "ber_scanf failed :{\n", 0, 0, 0 );
+ errMesg = "ber_scanf failed at oldPasswd parse.\n";
+ rc = LDAP_PROTOCOL_ERROR;
+ goto free_and_return;
+ }
tag = ber_peek_tag( ber, &len);
}
/* identify newPasswd field by tags */
if (tag == LDAP_EXTOP_PASSMOD_TAG_NEWPWD )
{
- if ( ber_scanf( ber, "a", &newPasswd ) == LBER_ERROR )
- {
- slapi_ch_free_string(&newPasswd);
- LDAPDebug( LDAP_DEBUG_ANY,
- "ber_scanf failed :{\n", 0, 0, 0 );
- errMesg = "ber_scanf failed at newPasswd parse.\n";
- rc = LDAP_PROTOCOL_ERROR;
- goto free_and_return;
- }
+ if ( ber_scanf( ber, "a", &newPasswd ) == LBER_ERROR ) {
+ slapi_ch_free_string(&newPasswd);
+ LDAPDebug( LDAP_DEBUG_ANY, "ber_scanf failed :{\n", 0, 0, 0 );
+ errMesg = "ber_scanf failed at newPasswd parse.\n";
+ rc = LDAP_PROTOCOL_ERROR;
+ goto free_and_return;
+ }
}
parse_req_done:
@@ -659,14 +636,28 @@ parse_req_done:
/* Get Bind DN */
slapi_pblock_get( pb, SLAPI_CONN_DN, &bindDN );
+ /* If the connection is bound anonymously, we must refuse to process this operation. */
+ if (bindDN == NULL || *bindDN == '\0') {
+ /* Refuse the operation because they're bound anonymously */
+ errMesg = "Anonymous Binds are not allowed.\n";
+ rc = LDAP_INSUFFICIENT_ACCESS;
+ goto free_and_return;
+ }
+
/* Find and set the target DN. */
- if (dn && *dn != '\0') {
- target_sdn = slapi_sdn_new_dn_byref(dn);
- slapi_pblock_set(pb, SLAPI_TARGET_DN, dn);
- } else if (bindDN && *bindDN != '\0') {
- target_sdn = slapi_sdn_new_dn_byref(bindDN);
- slapi_pblock_set(pb, SLAPI_TARGET_DN, bindDN);
+ if (rawdn && *rawdn != '\0') {
+ target_sdn = slapi_sdn_new_dn_passin(rawdn);
+ } else { /* We already checked (bindDN && *bindDN != '\0') above */
+ target_sdn = bindSDN = slapi_sdn_new_normdn_byref(bindDN);
+ }
+ dn = slapi_sdn_get_ndn(target_sdn);
+ if (dn == NULL || *dn == '\0') {
+ /* Refuse the operation because they're bound anonymously */
+ errMesg = "Invalid dn.\n";
+ rc = LDAP_INVALID_DN_SYNTAX;
+ goto free_and_return;
}
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, target_sdn);
/* Check if we need to send any referrals. */
if (slapi_dn_write_needs_referral(target_sdn, &referrals)) {
@@ -674,14 +665,6 @@ parse_req_done:
goto free_and_return;
}
- /* If the connection is bound anonymously, we must refuse to process this operation. */
- if (bindDN == NULL || *bindDN == '\0') {
- /* Refuse the operation because they're bound anonymously */
- errMesg = "Anonymous Binds are not allowed.\n";
- rc = LDAP_INSUFFICIENT_ACCESS;
- goto free_and_return;
- }
-
if (oldPasswd == NULL || *oldPasswd == '\0') {
/* If user is authenticated, they already gave their password during
* the bind operation (or used sasl or client cert auth or OS creds) */
@@ -746,19 +729,7 @@ parse_req_done:
ber_free( response_ber, 1 );
}
-
- /* Determine the target DN for this operation */
- /* Did they give us a DN ? */
- if (dn == NULL || *dn == '\0') {
- /* Get the DN from the bind identity on this connection */
- slapi_ch_free_string(&dn);
- dn = slapi_ch_strdup(bindDN);
- LDAPDebug( LDAP_DEBUG_ANY,
- "Missing userIdentity in request, using the bind DN instead.\n",
- 0, 0, 0 );
- }
-
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, dn );
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, (void *)dn );
/* Now we have the DN, look for the entry */
ret = passwd_modify_getEntry(dn, &targetEntry);
@@ -826,7 +797,9 @@ parse_req_done:
* this here since the normal modify code doesn't perform this check for
* internal operations. */
if (!pb->pb_op->o_isroot && !pb->pb_conn->c_needpw && !pwpolicy->pw_change) {
- Slapi_DN *bindSDN = slapi_sdn_new_dn_byref(bindDN);
+ if (NULL == bindSDN) {
+ bindSDN = slapi_sdn_new_normdn_byref(bindDN);
+ }
/* Is this a user modifying their own password? */
if (slapi_sdn_compare(bindSDN, slapi_entry_get_sdn(targetEntry))==0) {
if (need_pwpolicy_ctrl) {
@@ -834,10 +807,8 @@ parse_req_done:
}
errMesg = "User is not allowed to change password\n";
rc = LDAP_UNWILLING_TO_PERFORM;
- slapi_sdn_free(&bindSDN);
goto free_and_return;
}
- slapi_sdn_free(&bindSDN);
}
/* Fetch any present request controls so we can use them when
@@ -879,8 +850,6 @@ free_and_return:
send_ldap_result( pb, rc, NULL, errMesg, 0, NULL );
}
- slapi_sdn_free(&target_sdn);
- slapi_ch_free_string(&bindDN); /* slapi_pblock_get SLAPI_CONN_DN does strdup */
slapi_ch_free_string(&oldPasswd);
slapi_ch_free_string(&newPasswd);
/* Either this is the same pointer that we allocated and set above,
@@ -888,9 +857,16 @@ free_and_return:
* value that we need to free here */
slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET, &otdn );
if (otdn != dn) {
- slapi_ch_free_string(&dn);
+ slapi_ch_free_string(&otdn);
}
- slapi_ch_free_string(&otdn);
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &target_sdn);
+ if (bindSDN != target_sdn) {
+ slapi_sdn_free(&bindSDN);
+ }
+ /* slapi_pblock_get SLAPI_CONN_DN does strdup */
+ slapi_ch_free_string(&bindDN);
+ slapi_sdn_free(&target_sdn);
+ slapi_pblock_set(pb, SLAPI_TARGET_SDN, NULL);
slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, NULL );
slapi_ch_free_string(&authmethod);
delete_passwdPolicy(&pwpolicy);
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index d068132..9e264e3 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -1121,11 +1121,31 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value )
(*(entry_address **)value) = &(pblock->pb_op->o_params.target_address);
}
break;
- /* should be normalized */
- case SLAPI_TARGET_DN:
+ case SLAPI_TARGET_DN: /* DEPRECATED */
+ /* The returned value refers SLAPI_TARGET_SDN.
+ * It should not be freed.*/
if(pblock->pb_op!=NULL)
{
- (*(char **)value) = pblock->pb_op->o_params.target_address.dn;
+ Slapi_DN *sdn = pblock->pb_op->o_params.target_address.sdn;
+ if (sdn) {
+ (*(char **)value) = slapi_sdn_get_dn(sdn);
+ } else {
+ (*(char **)value) = NULL;
+ }
+ }
+ else
+ {
+ return( -1 );
+ }
+ break;
+ case SLAPI_TARGET_SDN:
+ if(pblock->pb_op!=NULL)
+ {
+ (*(Slapi_DN **)value) = pblock->pb_op->o_params.target_address.sdn;
+ }
+ else
+ {
+ return( -1 );
}
break;
case SLAPI_ORIGINAL_TARGET_DN:
@@ -1330,11 +1350,31 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value )
(*(int *)value) = pblock->pb_op->o_params.p.p_modrdn.modrdn_deloldrdn;
}
break;
- case SLAPI_MODRDN_NEWSUPERIOR:
+ case SLAPI_MODRDN_NEWSUPERIOR: /* DEPRECATED */
if(pblock->pb_op!=NULL)
{
- (*(char **)value) =
- pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.dn;
+ Slapi_DN *sdn =
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn;
+ if (sdn) {
+ (*(Slapi_DN **)value) = slapi_sdn_get_dn(sdn);
+ } else {
+ (*(Slapi_DN **)value) = NULL;
+ }
+ }
+ else
+ {
+ return -1;
+ }
+ break;
+ case SLAPI_MODRDN_NEWSUPERIOR_SDN:
+ if(pblock->pb_op!=NULL)
+ {
+ (*(Slapi_DN **)value) =
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn;
+ }
+ else
+ {
+ return -1;
}
break;
case SLAPI_MODRDN_PARENT_ENTRY:
@@ -1725,6 +1765,18 @@ slapi_pblock_get( Slapi_PBlock *pblock, int arg, void *value )
}
break;
+ case SLAPI_REQUESTOR_NDN:
+ /* NOTE: It's not a copy of the DN */
+ if (pblock->pb_op != NULL)
+ {
+ char *ndn = (char*)slapi_sdn_get_ndn(&pblock->pb_op->o_sdn);
+ if(ndn == NULL)
+ (*( char **)value ) = "";
+ else
+ (*( char **)value ) = ndn;
+ }
+ break;
+
case SLAPI_OPERATION_AUTHTYPE:
if (pblock->pb_op != NULL)
{
@@ -2676,10 +2728,31 @@ slapi_pblock_set( Slapi_PBlock *pblock, int arg, void *value )
case SLAPI_TARGET_ADDRESS:
PR_ASSERT (PR_FALSE); /* can't do this */
break;
- case SLAPI_TARGET_DN:
+ case SLAPI_TARGET_DN: /* DEPRECATED */
+ /* slapi_pblock_set(pb, SLAPI_TARGET_DN, val) automatically
+ * replaces SLAPI_TARGET_SDN. Caller should not free the
+ * original SLAPI_TARGET_SDN, but the reset one here by getting
+ * the address using slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn). */
if(pblock->pb_op!=NULL)
{
- pblock->pb_op->o_params.target_address.dn = (char *)value;
+ Slapi_DN *sdn = pblock->pb_op->o_params.target_address.sdn;
+ slapi_sdn_free(&sdn);
+ pblock->pb_op->o_params.target_address.sdn =
+ slapi_sdn_new_dn_byval((char *)value);
+ }
+ else
+ {
+ return( -1 );
+ }
+ break;
+ case SLAPI_TARGET_SDN:
+ if(pblock->pb_op!=NULL)
+ {
+ pblock->pb_op->o_params.target_address.sdn = (Slapi_DN *)value;
+ }
+ else
+ {
+ return( -1 );
}
break;
case SLAPI_ORIGINAL_TARGET_DN:
@@ -2830,10 +2903,29 @@ slapi_pblock_set( Slapi_PBlock *pblock, int arg, void *value )
pblock->pb_op->o_params.p.p_modrdn.modrdn_deloldrdn = *((int *) value);
}
break;
- case SLAPI_MODRDN_NEWSUPERIOR:
+ case SLAPI_MODRDN_NEWSUPERIOR: /* DEPRECATED */
+ if(pblock->pb_op!=NULL)
+ {
+ Slapi_DN *sdn =
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn;
+ slapi_sdn_free(&sdn);
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn =
+ slapi_sdn_new_dn_byval((char *)value);
+ }
+ else
+ {
+ return -1;
+ }
+ break;
+ case SLAPI_MODRDN_NEWSUPERIOR_SDN:
if(pblock->pb_op!=NULL)
{
- pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.dn = (char *) value;
+ pblock->pb_op->o_params.p.p_modrdn.modrdn_newsuperior_address.sdn =
+ (Slapi_DN *) value;
+ }
+ else
+ {
+ return -1;
}
break;
case SLAPI_MODRDN_PARENT_ENTRY:
@@ -3456,9 +3548,7 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
if ( conn->c_dn != NULL ) {
if ( bind_target_entry == NULL )
{
- Slapi_DN *sdn;
-
- sdn = slapi_sdn_new_dn_byref( conn->c_dn ); /* set */
+ Slapi_DN *sdn = slapi_sdn_new_normdn_byref( conn->c_dn );
reslimit_update_from_dn( conn, sdn );
slapi_sdn_free( &sdn );
} else {
@@ -3466,11 +3556,9 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
}
} else {
char *anon_dn = config_get_anon_limits_dn();
- Slapi_DN *anon_sdn = NULL;
-
/* If an anonymous limits dn is set, use it to set the limits. */
if (anon_dn && (strlen(anon_dn) > 0)) {
- anon_sdn = slapi_sdn_new_dn_byref( anon_dn );
+ Slapi_DN *anon_sdn = slapi_sdn_new_normdn_byref( anon_dn );
reslimit_update_from_dn( conn, anon_sdn );
slapi_sdn_free( &anon_sdn );
}
diff --git a/ldap/servers/slapd/plugin.c b/ldap/servers/slapd/plugin.c
index 19d6d38..52b560f 100644
--- a/ldap/servers/slapd/plugin.c
+++ b/ldap/servers/slapd/plugin.c
@@ -180,6 +180,7 @@ add_plugin_entries()
slapi_add_entry_internal_set_pb(&newpb, ep->e, NULL,
ep->plugin, plugin_actions);
slapi_pblock_set(&newpb, SLAPI_TARGET_DN, (void*)slapi_entry_get_dn_const(ep->e));
+ slapi_pblock_set(&newpb, SLAPI_TARGET_SDN, (void*)slapi_entry_get_sdn_const(ep->e));
slapi_add_internal_pb(&newpb);
deleteep = ep;
ep = ep->next;
@@ -269,16 +270,13 @@ slapi_register_plugin_ext(
int ii = 0;
int rc = 0;
Slapi_Entry *e = NULL;
- char *dn = slapi_create_dn_string("cn=%s,%s", name, PLUGIN_BASE_DN);
- if (NULL == dn) {
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
- "slapi_register_plugin_ext: "
- "failed to create plugin dn (plugin name: %s)\n", name);
- return 1;
- }
+ char *dn = slapi_ch_smprintf("cn=%s,%s", name, PLUGIN_BASE_DN);
+ Slapi_DN *sdn = slapi_sdn_new_dn_passin(dn);
+
e = slapi_entry_alloc();
/* this function consumes dn */
- slapi_entry_init(e, dn, NULL);
+ slapi_entry_init_ext(e, sdn, NULL);
+ slapi_sdn_free(&sdn);
slapi_entry_attr_set_charptr(e, "cn", name);
slapi_entry_attr_set_charptr(e, ATTR_PLUGIN_TYPE, plugintype);
@@ -520,9 +518,6 @@ plugin_extended_op_oid2string( const char *oid )
}
break;
}
- if ( p->plg_exoids[i] != NULL ) {
- break;
- }
}
}
}
@@ -991,30 +986,30 @@ plugin_dependency_startall(int argc, char** argv, char *errmsg, int operation)
if(plugin_entry)
{
- /*
- * Pass the plugin DN in SLAPI_TARGET_DN and the plugin entry
- * in SLAPI_ADD_ENTRY. For this to actually work, we need to
- * create an operation and include that in the pblock as well,
- * because these two items are stored in the operation parameters.
- */
- /* WARNING: memory leak here - op is only freed by a pblock_done,
+ /*
+ * Pass the plugin DN in SLAPI_TARGET_SDN and the plugin entry
+ * in SLAPI_ADD_ENTRY. For this to actually work, we need to
+ * create an operation and include that in the pblock as well,
+ * because these two items are stored in the operation parameters.
+ */
+ /* WARNING: memory leak here - op is only freed by a pblock_done,
and this only happens below if the plugin is enabled - a short
circuit goto bail may also cause a leak - however, since this
only happens a few times at startup, this is not a very serious
leak - just after the call to plugin_call_one */
- Operation *op = internal_operation_new(SLAPI_OPERATION_ADD, 0);
- slapi_pblock_set(&(config[plugin_index].pb), SLAPI_OPERATION, op);
- slapi_pblock_set(&(config[plugin_index].pb), SLAPI_TARGET_DN,
- (void*)(slapi_entry_get_dn_const(plugin_entry)));
- slapi_pblock_set(&(config[plugin_index].pb), SLAPI_ADD_ENTRY,
- plugin_entry );
+ Operation *op = internal_operation_new(SLAPI_OPERATION_ADD, 0);
+ slapi_pblock_set(&(config[plugin_index].pb), SLAPI_OPERATION, op);
+ slapi_pblock_set(&(config[plugin_index].pb), SLAPI_TARGET_SDN,
+ (void*)(slapi_entry_get_sdn_const(plugin_entry)));
+ slapi_pblock_set(&(config[plugin_index].pb), SLAPI_ADD_ENTRY,
+ plugin_entry );
/* Pass the plugin alternate config area DN in SLAPI_PLUGIN_CONFIG_AREA. */
value = slapi_entry_attr_get_charptr(plugin_entry, ATTR_PLUGIN_CONFIG_AREA);
if(value)
{
- config[plugin_index].config_area = value;
- value = NULL;
+ config[plugin_index].config_area = value;
+ value = NULL;
slapi_pblock_set(&(config[plugin_index].pb), SLAPI_PLUGIN_CONFIG_AREA,
config[plugin_index].config_area);
}
@@ -1191,7 +1186,7 @@ plugin_dependency_startall(int argc, char** argv, char *errmsg, int operation)
newe = slapi_entry_dup( config[plugin_index].e );
slapi_add_entry_internal_set_pb(&newpb, newe, NULL,
plugin_get_default_component_id(), plugin_actions);
- slapi_pblock_set(&newpb, SLAPI_TARGET_DN, (void*)slapi_entry_get_dn_const(newe));
+ slapi_pblock_set(&newpb, SLAPI_TARGET_SDN, (void*)slapi_entry_get_sdn_const(newe));
slapi_add_internal_pb(&newpb);
pblock_done(&newpb);
config[plugin_index].entry_created = 1;
@@ -1440,17 +1435,17 @@ plugin_call_func (struct slapdplugin *list, int operation, Slapi_PBlock *pb, int
int count= 0;
for (; list != NULL; list = list->plg_next)
{
- IFP func = NULL;
+ IFP func = NULL;
- slapi_pblock_set (pb, SLAPI_PLUGIN, list);
- set_db_default_result_handlers (pb); /* JCM: What's this do? Is it needed here? */
- if (slapi_pblock_get (pb, operation, &func) == 0 && func != NULL &&
+ slapi_pblock_set (pb, SLAPI_PLUGIN, list);
+ set_db_default_result_handlers (pb); /* JCM: What's this do? Is it needed here? */
+ if (slapi_pblock_get (pb, operation, &func) == 0 && func != NULL &&
plugin_invoke_plugin_pb (list, operation, pb))
{
char *n= list->plg_name;
LDAPDebug( LDAP_DEBUG_TRACE, "Calling plugin '%s' #%d type %d\n", (n==NULL?"noname":n), count, operation );
/* counters_to_errors_log("before plugin call"); */
- if (( rc = func (pb)) != 0 )
+ if (( rc = func (pb)) != 0 )
{
if (SLAPI_PLUGIN_PREOPERATION == list->plg_type ||
SLAPI_PLUGIN_INTERNAL_PREOPERATION == list->plg_type ||
@@ -1471,16 +1466,16 @@ plugin_call_func (struct slapdplugin *list, int operation, Slapi_PBlock *pb, int
/* OR the result into the return value for be pre/postops */
return_value |= rc;
}
- }
+ }
/* counters_to_errors_log("after plugin call"); */
- }
+ }
count++;
if(call_one)
break;
- }
- return( return_value );
+ }
+ return( return_value );
}
int
@@ -1574,9 +1569,9 @@ ldapi_init_extended_ops( void )
slapi_rwlock_wrlock(extended_ops_lock);
charray_add(&supported_extended_ops,
- slapi_ch_strdup(EXTOP_BULK_IMPORT_START_OID));
+ slapi_ch_strdup(EXTOP_BULK_IMPORT_START_OID));
charray_add(&supported_extended_ops,
- slapi_ch_strdup(EXTOP_BULK_IMPORT_DONE_OID));
+ slapi_ch_strdup(EXTOP_BULK_IMPORT_DONE_OID));
/* add future supported extops here... */
slapi_rwlock_unlock(extended_ops_lock);
}
@@ -2147,7 +2142,9 @@ plugin_setup(Slapi_Entry *plugin_entry, struct slapi_componentid *group,
}
else
{
- plugin->plg_name = value; /* plugin owns value's memory now, don't free */
+ /* plg_name is normalized once here */
+ plugin->plg_name = slapi_create_rdn_value("%s", value);
+ slapi_ch_free((void**)&value);
}
if (!(value = slapi_entry_attr_get_charptr(plugin_entry, ATTR_PLUGIN_PRECEDENCE)))
@@ -2546,7 +2543,7 @@ plugin_invoke_plugin_sdn (struct slapdplugin *plugin, int operation, Slapi_PBloc
char* plugin_get_dn (const struct slapdplugin *plugin)
{
char *plugindn = NULL;
- char *pattern = "cn=%s," PLUGIN_BASE_DN;
+ char *pattern = "cn=%s," PLUGIN_BASE_DN; /* cn=plugins,cn=config */
if (plugin == NULL) /* old plugin that does not pass identity - use default */
plugin = &global_default_plg;
@@ -2554,7 +2551,8 @@ char* plugin_get_dn (const struct slapdplugin *plugin)
if (plugin->plg_name == NULL)
return NULL;
- plugindn = slapi_create_dn_string(pattern, plugin->plg_name);
+ /* plg_name is normalized in plugin_setup. So, we can use smprintf */
+ plugindn = slapi_ch_smprintf(pattern, plugin->plg_name);
if (NULL == plugindn) {
slapi_log_error(SLAPI_LOG_FATAL, NULL,
"plugin_get_dn: failed to create plugin dn "
diff --git a/ldap/servers/slapd/plugin_acl.c b/ldap/servers/slapd/plugin_acl.c
index 2dd0f71..24dcc76 100644
--- a/ldap/servers/slapd/plugin_acl.c
+++ b/ldap/servers/slapd/plugin_acl.c
@@ -138,12 +138,12 @@ plugin_call_acl_mods_update ( Slapi_PBlock *pb, int optype )
int rc = 0;
void *change = NULL;
Slapi_Entry *te = NULL;
- Slapi_DN sdn;
+ Slapi_DN *sdn = NULL;
Operation *operation;
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
- (void)slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ (void)slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
switch ( optype ) {
case SLAPI_OPERATION_MODIFY:
@@ -154,24 +154,29 @@ plugin_call_acl_mods_update ( Slapi_PBlock *pb, int optype )
te = (Slapi_Entry *)change;
if(!slapi_sdn_isempty(slapi_entry_get_sdn(te)))
{
- dn= (char*)slapi_sdn_get_ndn(slapi_entry_get_sdn(te)); /* jcm - Had to cast away const */
+ sdn = slapi_entry_get_sdn(te);
}
break;
case SLAPI_OPERATION_MODRDN:
(void)slapi_pblock_get( pb, SLAPI_MODRDN_NEWRDN, &change );
break;
- }
+ }
- slapi_sdn_init_dn_byref (&sdn, dn);
+ if (NULL == sdn) {
+ LDAPDebug0Args ( LDAP_DEBUG_ANY,
+ "plugin_call_acl_mods_update: Null target DN\n" );
+ return LDAP_INVALID_DN_SYNTAX;
+ }
+
/* call the global plugins first and then the backend specific */
+ dn = (char*)slapi_sdn_get_ndn(sdn); /* jcm - Had to cast away const */
for ( p = get_plugin_list(PLUGIN_LIST_ACL); p != NULL; p = p->plg_next ) {
- if (plugin_invoke_plugin_sdn (p, SLAPI_PLUGIN_ACL_MODS_UPDATE, pb, &sdn)){
+ if (plugin_invoke_plugin_sdn(p, SLAPI_PLUGIN_ACL_MODS_UPDATE, pb, sdn)){
rc = (*p->plg_acl_mods_update)(pb, optype, dn, change );
if ( rc != LDAP_SUCCESS ) break;
}
}
- slapi_sdn_done (&sdn);
return rc;
}
diff --git a/ldap/servers/slapd/plugin_internal_op.c b/ldap/servers/slapd/plugin_internal_op.c
index c8e6000..67189a4 100644
--- a/ldap/servers/slapd/plugin_internal_op.c
+++ b/ldap/servers/slapd/plugin_internal_op.c
@@ -282,21 +282,25 @@ int slapi_seq_internal_callback_pb (Slapi_PBlock *pb, void *callback_data, plugi
return (seq_internal_callback_pb (pb, callback_data, res_callback, srch_callback, ref_callback));
}
-void slapi_search_internal_set_pb (Slapi_PBlock *pb, const char *base, int scope, const char *filter, char **attrs,
- int attrsonly, LDAPControl **controls, const char *uniqueid,
- Slapi_ComponentId *plugin_identity, int operation_flags)
+void
+slapi_search_internal_set_pb (Slapi_PBlock *pb, const char *base,
+ int scope, const char *filter, char **attrs,
+ int attrsonly, LDAPControl **controls,
+ const char *uniqueid,
+ Slapi_ComponentId *plugin_identity,
+ int operation_flags)
{
Operation *op;
if (pb == NULL || base == NULL)
{
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
- "slapi_search_internal_set_pb: NULL parameter\n");
+ slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ "slapi_search_internal_set_pb: NULL parameter\n");
return;
}
- op= internal_operation_new(SLAPI_OPERATION_SEARCH,operation_flags);
+ op= internal_operation_new(SLAPI_OPERATION_SEARCH,operation_flags);
slapi_pblock_set(pb, SLAPI_OPERATION, op);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, (void*)base);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET_DN, (void *)base);
slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &scope);
slapi_pblock_set(pb, SLAPI_SEARCH_STRFILTER, (void*)filter);
slapi_pblock_set(pb, SLAPI_CONTROLS_ARG, controls);
@@ -323,7 +327,7 @@ void slapi_seq_internal_set_pb(Slapi_PBlock *pb, char *base, int type, char *att
op= internal_operation_new(SLAPI_OPERATION_SEARCH,operation_flags);
slapi_pblock_set(pb, SLAPI_OPERATION, op);
- slapi_pblock_set(pb, SLAPI_SEARCH_TARGET, base);
+ slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET_DN, (void *)base );
slapi_pblock_set(pb, SLAPI_SEQ_TYPE, &type);
slapi_pblock_set(pb, SLAPI_SEQ_ATTRNAME, attrname);
slapi_pblock_set(pb, SLAPI_SEQ_VAL, val);
@@ -343,19 +347,22 @@ static int seq_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
Operation *op;
struct callback_fn_ptrs callback_handler_data;
Slapi_Backend *be;
- Slapi_DN sdn;
char *base;
char *attrname, *val;
+ Slapi_DN *sdn = NULL;
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &base);
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, (void *)&base );
slapi_pblock_get(pb, SLAPI_CONTROLS_ARG, &controls);
- if (base == NULL) {
- slapi_sdn_init_dn_byval(&sdn,"");
- } else {
- slapi_sdn_init_dn_byval(&sdn, base);
- }
- be = slapi_be_select(&sdn);
+ if (base == NULL) {
+ sdn = slapi_sdn_new_dn_byval("");
+ } else {
+ sdn = slapi_sdn_new_dn_byref(base);
+ }
+
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, sdn);
+
+ be = slapi_be_select(sdn);
callback_handler_data.p_res_callback = prc;
callback_handler_data.p_srch_entry_callback = psec;
@@ -369,8 +376,7 @@ static int seq_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
op->o_search_referral_handler = internal_ref_entry_callback;
/* set target specification of the operation used to decide which plugins are called for the operation */
- operation_set_target_spec (op, &sdn);
-
+ operation_set_target_spec (op, sdn);
/* Normalize the attribute type and value */
slapi_pblock_get (pb, SLAPI_SEQ_ATTRNAME, &attrname);
@@ -396,14 +402,16 @@ static int seq_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
}
else
{
- send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL, "Function not implemented", 0, NULL);
+ send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL, "Function not implemented", 0, NULL);
rc = 0;
}
- slapi_ch_free((void **) &attrname);
- slapi_ch_free((void **) &val);
-
- slapi_sdn_done(&sdn);
+ slapi_ch_free_string(&attrname);
+ slapi_ch_free_string(&val);
+ /* slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &normbase); */
+ slapi_pblock_get(pb, SLAPI_SEARCH_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+ slapi_pblock_set(pb, SLAPI_SEARCH_TARGET_SDN, NULL);
return rc;
}
@@ -675,10 +683,11 @@ static int search_internal_pb (Slapi_PBlock *pb)
return 0;
}
-static int search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
- plugin_result_callback prc,
- plugin_search_entry_callback psec,
- plugin_referral_entry_callback prec)
+static int
+search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
+ plugin_result_callback prc,
+ plugin_search_entry_callback psec,
+ plugin_referral_entry_callback prec)
{
LDAPControl **controls;
Operation *op;
@@ -689,8 +698,6 @@ static int search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
char *ifstr;
int opresult;
int rc = 0;
- char *original_base = 0;
- char *new_base = 0;
PR_ASSERT (pb);
@@ -755,12 +762,8 @@ static int search_internal_callback_pb (Slapi_PBlock *pb, void *callback_data,
* memory so we need to keep track of
* changed base search strings
*/
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &original_base);
- slapi_pblock_set(pb, SLAPI_ORIGINAL_TARGET_DN, slapi_ch_strdup(original_base));
-
op_shared_search (pb, 1);
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &new_base);
slapi_pblock_get(pb, SLAPI_SEARCH_FILTER, &filter);
done:
@@ -770,24 +773,17 @@ done:
slapi_filter_free(filter, 1 /* recurse */);
}
- if(original_base != new_base)
- slapi_ch_free_string(&new_base);
-
- /* we strdup'd this above - need to free */
- slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &original_base);
- slapi_ch_free_string(&original_base);
-
return(rc);
}
/* allow/disallow operation based of the plugin configuration */
PRBool allow_operation (Slapi_PBlock *pb)
{
- char *dn = NULL;
struct slapdplugin *plugin = NULL;
- Slapi_DN sdn;
+ Slapi_DN *sdnp = NULL;
+ Slapi_DN sdn = {0};
PRBool allow;
- struct slapi_componentid * cid=NULL;
+ struct slapi_componentid * cid=NULL;
PR_ASSERT (pb);
@@ -805,17 +801,16 @@ PRBool allow_operation (Slapi_PBlock *pb)
return PR_FALSE;
}
- slapi_pblock_get (pb, SLAPI_TARGET_DN, &dn);
- if (dn == NULL) {
- slapi_sdn_init_dn_byval(&sdn,"");
- } else {
- slapi_sdn_init_dn_byval(&sdn, dn);
- }
+ slapi_pblock_get (pb, SLAPI_TARGET_SDN, &sdnp);
+ if (NULL == sdnp) {
+ slapi_sdn_init_dn_byval(&sdn,"");
+ sdnp = &sdn;
+ }
- allow = plugin_allow_internal_op (&sdn, plugin);
-
- slapi_sdn_done (&sdn);
+ allow = plugin_allow_internal_op (sdnp, plugin);
+ slapi_sdn_done(&sdn);
+
return allow;
}
diff --git a/ldap/servers/slapd/plugin_syntax.c b/ldap/servers/slapd/plugin_syntax.c
index 2e357b4..adfda4a 100644
--- a/ldap/servers/slapd/plugin_syntax.c
+++ b/ldap/servers/slapd/plugin_syntax.c
@@ -282,7 +282,7 @@ plugin_call_syntax_filter_sub_sv(
*/
int
slapi_dn_syntax_check(
- Slapi_PBlock *pb, char *dn, int override
+ Slapi_PBlock *pb, const char *dn, int override
)
{
int ret = 0;
@@ -312,7 +312,7 @@ slapi_dn_syntax_check(
if (dn_plugin && dn_plugin->plg_syntax_validate != NULL) {
/* Create a berval to pass to the validate function. */
if (dn) {
- dn_bval.bv_val = dn;
+ dn_bval.bv_val = (char *)dn;
dn_bval.bv_len = strlen(dn);
/* Validate the value. */
@@ -459,7 +459,8 @@ slapi_mods_syntax_check(
char errtext[ BUFSIZ ];
char *errp = &errtext[0];
size_t err_remaining = sizeof(errtext);
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
LDAPMod *mod = NULL;
if (mods == NULL) {
@@ -469,7 +470,8 @@ slapi_mods_syntax_check(
if (pb != NULL) {
slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation);
- slapi_pblock_get(pb, SLAPI_TARGET_DN, &dn);
+ slapi_pblock_get(pb, SLAPI_TARGET_SDN, &sdn);
+ dn = slapi_sdn_get_dn(sdn);
}
/* If syntax checking and logging are off, or if this is a
diff --git a/ldap/servers/slapd/proxyauth.c b/ldap/servers/slapd/proxyauth.c
index 9dbcac8..8daa94d 100644
--- a/ldap/servers/slapd/proxyauth.c
+++ b/ldap/servers/slapd/proxyauth.c
@@ -147,10 +147,12 @@ parse_LDAPProxyAuth(struct berval *spec_ber, int version, char **errtextp,
if (rc < 0) {
lderr = LDAP_INVALID_SYNTAX;
} else if (rc == 0) { /* spec->auth_dn is passed in; not terminated */
- *(normed + dnlen) = '\0';
+ *(spec->auth_dn + dnlen) = '\0';
+ slapi_dn_ignore_case(spec->auth_dn);
} else {
slapi_ch_free_string(&spec->auth_dn);
spec->auth_dn = normed;
+ slapi_dn_ignore_case(spec->auth_dn);
}
END
diff --git a/ldap/servers/slapd/psearch.c b/ldap/servers/slapd/psearch.c
index c19d34f..9fc1172 100644
--- a/ldap/servers/slapd/psearch.c
+++ b/ldap/servers/slapd/psearch.c
@@ -291,6 +291,7 @@ ps_send_results( void *arg )
PSEQNode *peq, *peqnext;
struct slapi_filter *filter = 0;
char *base = NULL;
+ Slapi_DN *sdn = NULL;
char *fstr = NULL;
char **pbattrs = NULL;
int conn_acq_flag = 0;
@@ -392,16 +393,16 @@ ps_send_results( void *arg )
plugin_call_plugins( ps->ps_pblock , SLAPI_PLUGIN_POST_SEARCH_FN );
/* free things from the pblock that were not free'd in do_search() */
- /* Free SLAPI_SEARCH_* before deleting op since those are held by op */
- slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_TARGET, &base );
- slapi_pblock_set( ps->ps_pblock, SLAPI_SEARCH_TARGET, NULL );
- slapi_ch_free_string(&base);
-
/* we strdup'd this in search.c - need to free */
slapi_pblock_get( ps->ps_pblock, SLAPI_ORIGINAL_TARGET_DN, &base );
slapi_pblock_set( ps->ps_pblock, SLAPI_ORIGINAL_TARGET_DN, NULL );
slapi_ch_free_string(&base);
+ /* Free SLAPI_SEARCH_* before deleting op since those are held by op */
+ slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_TARGET_SDN, &sdn );
+ slapi_pblock_set( ps->ps_pblock, SLAPI_SEARCH_TARGET_SDN, NULL );
+ slapi_sdn_free(&sdn);
+
slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_STRFILTER, &fstr );
slapi_pblock_set( ps->ps_pblock, SLAPI_SEARCH_STRFILTER, NULL );
slapi_ch_free_string(&fstr);
@@ -525,8 +526,8 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
ber_int_t chgnum )
{
LDAPControl *ctrl = NULL;
- PSearch *ps = NULL;
- PSEQNode *pe = NULL;
+ PSearch *ps = NULL;
+ PSEQNode *pe = NULL;
int matched = 0;
const char *edn;
@@ -534,24 +535,24 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
return;
}
- if ( NULL == e ) {
+ if ( NULL == e ) {
/* For now, some backends such as the chaining backend do not provide a post-op entry */
return;
- }
+ }
- PSL_LOCK_READ();
+ PSL_LOCK_READ();
edn = slapi_entry_get_dn_const(e);
for ( ps = psearch_list ? psearch_list->pl_head : NULL; NULL != ps; ps = ps->ps_next ) {
- Slapi_DN base;
- Slapi_Filter *f;
- char *basedn;
- int scope;
+ char *origbase = NULL;
+ Slapi_DN *base = NULL;
+ Slapi_Filter *f;
+ int scope;
/* Skip the node that doesn't meet the changetype,
* or is unable to use the change in ps_send_results()
*/
- if (( ps->ps_changetypes & chgtype ) == 0 ||
+ if (( ps->ps_changetypes & chgtype ) == 0 ||
ps->ps_pblock->pb_op == NULL ||
slapi_op_abandoned( ps->ps_pblock ) ) {
continue;
@@ -560,14 +561,18 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
slapi_log_error(SLAPI_LOG_CONNS, "Persistent Search",
"conn=%" NSPRIu64 " op=%d entry %s with chgtype %d "
"matches the ps changetype %d\n",
- ps->ps_pblock->pb_conn->c_connid, ps->ps_pblock->pb_op->o_opid,
+ ps->ps_pblock->pb_conn->c_connid,
+ ps->ps_pblock->pb_op->o_opid,
edn, chgtype, ps->ps_changetypes);
slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_FILTER, &f );
- slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_TARGET, &basedn );
+ slapi_pblock_get( ps->ps_pblock, SLAPI_ORIGINAL_TARGET_DN, &origbase );
+ slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_TARGET_SDN, &base );
slapi_pblock_get( ps->ps_pblock, SLAPI_SEARCH_SCOPE, &scope );
- slapi_sdn_init_dn_byref(&base,basedn);
-
+ if (NULL == base) {
+ base = slapi_sdn_new_dn_byref(origbase);
+ slapi_pblock_set(ps->ps_pblock, SLAPI_SEARCH_TARGET_SDN, base);
+ }
/*
* See if the entry meets the scope and filter criteria.
@@ -582,7 +587,7 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
* to the same pblock must be done carefully--there is currently no
* generic satisfactory way to do this.
*/
- if ( slapi_sdn_scope_test( slapi_entry_get_sdn_const(e), &base, scope ) &&
+ if ( slapi_sdn_scope_test( slapi_entry_get_sdn_const(e), base, scope ) &&
slapi_vattr_filter_test( ps->ps_pblock, e, f, 0 /* verify_access */ ) == 0 ) {
PSEQNode *pOldtail;
@@ -601,11 +606,11 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
eprev ? slapi_entry_get_dn_const(eprev) : NULL,
&ctrl );
if ( rc != LDAP_SUCCESS ) {
- char ebuf[ BUFSIZ ];
+ char ebuf[ BUFSIZ ];
LDAPDebug( LDAP_DEBUG_ANY, "ps_service_persistent_searches:"
- " unable to create EntryChangeNotification control for"
- " entry \"%s\" -- control won't be sent.\n",
- escape_string( slapi_entry_get_dn_const(e), ebuf), 0, 0 );
+ " unable to create EntryChangeNotification control for"
+ " entry \"%s\" -- control won't be sent.\n",
+ escape_string( slapi_entry_get_dn_const(e), ebuf), 0, 0 );
}
}
if ( ctrl ) {
@@ -618,29 +623,28 @@ ps_service_persistent_searches( Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t ch
pOldtail = ps->ps_eq_tail;
ps->ps_eq_tail = pe;
if ( NULL == ps->ps_eq_head ) {
- ps->ps_eq_head = ps->ps_eq_tail;
+ ps->ps_eq_head = ps->ps_eq_tail;
}
else {
pOldtail->pe_next = ps->ps_eq_tail;
}
PR_Unlock( ps->ps_lock );
}
- slapi_sdn_done(&base);
}
PSL_UNLOCK_READ();
- /* Were there any matches? */
- if ( matched ) {
+ /* Were there any matches? */
+ if ( matched ) {
ldap_control_free( ctrl );
/* Turn 'em loose */
ps_wakeup_all();
LDAPDebug( LDAP_DEBUG_TRACE, "ps_service_persistent_searches: enqueued entry "
"\"%s\" on %d persistent search lists\n", slapi_entry_get_dn_const(e), matched, 0 );
- } else {
+ } else {
LDAPDebug( LDAP_DEBUG_TRACE, "ps_service_persistent_searches: entry "
"\"%s\" not enqueued on any persistent search lists\n", slapi_entry_get_dn_const(e), 0, 0 );
- }
+ }
}
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 61d01d9..6ad1e0d 100644
--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -69,7 +69,7 @@
#define GENERALIZED_TIME_LENGTH 15
static int pw_in_history(Slapi_Value **history_vals, const Slapi_Value *pw_val);
-static int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw );
+static int update_pw_history( Slapi_PBlock *pb, const char *dn, char *old_pw );
static int check_trivial_words (Slapi_PBlock *, Slapi_Entry *, Slapi_Value **,
char *attrtype, int toklen, Slapi_Mods *smods );
static int pw_boolean_str2value (const char *str);
@@ -586,8 +586,9 @@ update_pw_info ( Slapi_PBlock *pb , char *old_pw) {
Slapi_Mods smods;
char *timestr;
time_t pw_exp_date;
- time_t cur_time;
- char *dn;
+ time_t cur_time;
+ const char *dn;
+ Slapi_DN *sdn = NULL;
passwdPolicy *pwpolicy = NULL;
int internal_op = 0;
Slapi_Operation *operation = NULL;
@@ -596,7 +597,8 @@ update_pw_info ( Slapi_PBlock *pb , char *old_pw) {
internal_op = slapi_operation_is_flag_set(operation, SLAPI_OP_FLAG_INTERNAL);
cur_time = current_time();
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
pwpolicy = new_passwdPolicy(pb, dn);
@@ -1062,7 +1064,7 @@ check_pw_syntax_ext ( Slapi_PBlock *pb, const Slapi_DN *sdn, Slapi_Value **vals,
}
static
-int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw ) {
+int update_pw_history( Slapi_PBlock *pb, const char *dn, char *old_pw ) {
time_t t, old_t, cur_time;
int i = 0, oldest = 0;
@@ -1253,7 +1255,8 @@ slapi_add_pwd_control ( Slapi_PBlock *pb, char *arg, long time) {
}
void
-pw_mod_allowchange_aci(int pw_prohibit_change) {
+pw_mod_allowchange_aci(int pw_prohibit_change)
+{
const Slapi_DN *base;
char *values_mod[2];
LDAPMod mod;
@@ -1302,7 +1305,7 @@ pw_mod_allowchange_aci(int pw_prohibit_change) {
** successfully, let's update the
** in-memory acl list
*/
- slapi_pblock_set(&pb, SLAPI_TARGET_DN, (char*)slapi_sdn_get_dn(base) ); /* jcm: cast away const */
+ slapi_pblock_set(&pb, SLAPI_TARGET_SDN, (void *)base);
plugin_call_acl_mods_update (&pb, LDAP_REQ_MODIFY );
}
pblock_done(&pb);
diff --git a/ldap/servers/slapd/pw_retry.c b/ldap/servers/slapd/pw_retry.c
index 573046f..d80de6f 100644
--- a/ldap/servers/slapd/pw_retry.c
+++ b/ldap/servers/slapd/pw_retry.c
@@ -124,13 +124,15 @@ int update_pw_retry ( Slapi_PBlock *pb )
static
void set_retry_cnt_and_time ( Slapi_PBlock *pb, int count, time_t cur_time ) {
- char *dn;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
Slapi_Mods smods;
time_t reset_time;
char *timestr;
passwdPolicy *pwpolicy = NULL;
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
pwpolicy = new_passwdPolicy(pb, dn);
slapi_mods_init(&smods, 0);
@@ -154,10 +156,12 @@ void set_retry_cnt_mods(Slapi_PBlock *pb, Slapi_Mods *smods, int count)
char *timestr;
time_t unlock_time;
char retry_cnt[8]; /* 1-65535 */
- char *dn = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
passwdPolicy *pwpolicy = NULL;
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
pwpolicy = new_passwdPolicy(pb, dn);
if (smods) {
@@ -186,10 +190,12 @@ void set_retry_cnt_mods(Slapi_PBlock *pb, Slapi_Mods *smods, int count)
static
void set_retry_cnt ( Slapi_PBlock *pb, int count) {
- char *dn;
+ const char *dn;
+ Slapi_DN *sdn = NULL;
Slapi_Mods smods;
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
slapi_mods_init(&smods, 0);
set_retry_cnt_mods(pb, &smods, count);
pw_apply_mods(dn, &smods);
@@ -201,12 +207,13 @@ Slapi_Entry *get_entry ( Slapi_PBlock *pb, const char *dn)
{
int search_result = 0;
Slapi_Entry *retentry = NULL;
- Slapi_DN sdn;
+ Slapi_DN *target_sdn = NULL;
+ Slapi_DN sdn = {0};
+
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &target_sdn );
if ((dn == NULL) && pb) {
- char *t;
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &t );
- dn= t;
+ dn = slapi_sdn_get_dn(target_sdn);
}
if (dn == NULL) {
@@ -216,7 +223,14 @@ Slapi_Entry *get_entry ( Slapi_PBlock *pb, const char *dn)
slapi_sdn_init_dn_byref(&sdn, dn);
- if ((search_result = slapi_search_internal_get_entry(&sdn, NULL, &retentry, pw_get_componentID())) != LDAP_SUCCESS){
+ if (slapi_sdn_compare(&sdn, target_sdn)) { /* does not match */
+ target_sdn = &sdn;
+ }
+
+ search_result = slapi_search_internal_get_entry(target_sdn, NULL,
+ &retentry,
+ pw_get_componentID());
+ if (search_result != LDAP_SUCCESS) {
LDAPDebug (LDAP_DEBUG_TRACE, "WARNING: 'get_entry' can't find entry '%s', err %d\n", dn, search_result, 0);
}
slapi_sdn_done(&sdn);
diff --git a/ldap/servers/slapd/rdn.c b/ldap/servers/slapd/rdn.c
index 48d4d9e..0ec2b83 100644
--- a/ldap/servers/slapd/rdn.c
+++ b/ldap/servers/slapd/rdn.c
@@ -132,12 +132,14 @@ _slapi_rdn_init_all_dn_ext(Slapi_RDN *rdn, const Slapi_DN *sdn)
char **dns = NULL;
int rc = 1;
- if (NULL == rdn || NULL == sdn)
- {
+ if (NULL == rdn || NULL == sdn) {
return -1;
}
dn = slapi_sdn_get_dn(sdn);
+ if (NULL == dn) {
+ return -1;
+ }
for (; isspace(*dn) ; dn++) ;
/* Suffix is a part of mapping tree. We should not free it */
@@ -670,7 +672,19 @@ slapi_rdn_get_nrdn(Slapi_RDN *srdn)
}
if (NULL == srdn->nrdn)
{
- normalize_case_helper(srdn->rdn, &srdn->nrdn);
+ if (srdn->all_nrdns && srdn->all_nrdns[0])
+ {
+ srdn->nrdn = slapi_ch_strdup(srdn->all_nrdns[0]);
+ }
+ else if (srdn->all_nrdns && srdn->all_nrdns[0])
+ {
+ srdn->nrdn = slapi_ch_strdup(srdn->all_rdns[0]);
+ slapi_dn_ignore_case(srdn->nrdn);
+ }
+ else
+ {
+ normalize_case_helper(srdn->rdn, &srdn->nrdn);
+ }
}
return (const char *)srdn->nrdn;
}
diff --git a/ldap/servers/slapd/referral.c b/ldap/servers/slapd/referral.c
index 458da81..46ce56d 100644
--- a/ldap/servers/slapd/referral.c
+++ b/ldap/servers/slapd/referral.c
@@ -186,12 +186,13 @@ ref_adjust( Slapi_PBlock *pb, struct berval **urls, const Slapi_DN *refsdn,
int is_reference )
{
int i, len, scope;
+ Slapi_DN *sdn = NULL;
char *p, *opdn_norm;
struct berval **urlscopy;
Operation *op;
if ( NULL == urls || NULL == urls[0] ) {
- return( NULL );
+ return( NULL );
}
PR_ASSERT( pb != NULL );
@@ -200,20 +201,20 @@ ref_adjust( Slapi_PBlock *pb, struct berval **urls, const Slapi_DN *refsdn,
* grab the operation target DN and operation structure.
* if the operation is a search, get the scope as well.
*/
- if ( slapi_pblock_get( pb, SLAPI_TARGET_DN, &p ) != 0 || p == NULL ||
- slapi_pblock_get( pb, SLAPI_OPERATION, &op ) != 0 || op == NULL ||
- ( operation_get_type(op) == SLAPI_OPERATION_SEARCH && slapi_pblock_get( pb,
- SLAPI_SEARCH_SCOPE, &scope ) != 0 )) {
- LDAPDebug( LDAP_DEBUG_ANY, "ref_adjust: referrals suppressed "
- "(could not get target DN, operation, or scope from pblock)\n",
- 0, 0, 0 );
- return( NULL );
+ if ( slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn ) != 0 || sdn == NULL ||
+ slapi_pblock_get( pb, SLAPI_OPERATION, &op ) != 0 || op == NULL ||
+ ( operation_get_type(op) == SLAPI_OPERATION_SEARCH && slapi_pblock_get( pb,
+ SLAPI_SEARCH_SCOPE, &scope ) != 0 )) {
+ LDAPDebug0Args( LDAP_DEBUG_ANY, "ref_adjust: referrals suppressed "
+ "(could not get target DN, operation, "
+ "or scope from pblock)\n" );
+ return( NULL );
}
/*
* normalize the DNs we plan to compare with others later.
*/
- opdn_norm = slapi_dn_normalize( slapi_ch_strdup( p ));
+ opdn_norm = slapi_ch_strdup( slapi_sdn_get_dn(sdn) );
/*
diff --git a/ldap/servers/slapd/result.c b/ldap/servers/slapd/result.c
index 800fb39..a3fff38 100644
--- a/ldap/servers/slapd/result.c
+++ b/ldap/servers/slapd/result.c
@@ -289,8 +289,9 @@ send_ldap_result_ext(
int i, rc, logit = 0;
ber_tag_t tag;
int flush_ber_element = 1;
- Slapi_Operation *operation;
- char *dn;
+ Slapi_Operation *operation;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
int internal_op;
passwdPolicy *pwpolicy = NULL;
@@ -368,8 +369,9 @@ send_ldap_result_ext(
/* invalid password. Update the password retry here */
/* put this here for now. It could be a send_result pre-op plugin. */
if (err == LDAP_INVALID_CREDENTIALS) {
- slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn );
- pwpolicy = new_passwdPolicy(pb, dn);
+ slapi_pblock_get( pb, SLAPI_TARGET_SDN, &sdn );
+ dn = slapi_sdn_get_dn(sdn);
+ pwpolicy = new_passwdPolicy(pb, dn);
if (pwpolicy && (pwpolicy->pw_lockout == 1)) {
update_pw_retry ( pb );
}
diff --git a/ldap/servers/slapd/saslbind.c b/ldap/servers/slapd/saslbind.c
index f9f51df..9e5bc36 100644
--- a/ldap/servers/slapd/saslbind.c
+++ b/ldap/servers/slapd/saslbind.c
@@ -783,6 +783,8 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
sasl_ssf_t *ssfp;
char *activemech = NULL, *mech = NULL;
char *username, *dn = NULL;
+ const char *normdn = NULL;
+ Slapi_DN *sdn = NULL;
const char *sdata, *errstr;
unsigned slen;
int continuing = 0;
@@ -914,7 +916,7 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
propctx = sasl_auxprop_getctx(sasl_conn);
if (prop_getnames(propctx, dn_propnames, dnval) == 1) {
if (dnval[0].values && dnval[0].values[0]) {
- dn = slapi_ch_strdup(dnval[0].values[0]);
+ dn = slapi_ch_smprintf("%s", dnval[0].values[0]);
}
}
if (dn == NULL) {
@@ -924,8 +926,15 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
break;
}
- slapi_pblock_set( pb, SLAPI_BIND_TARGET, slapi_ch_strdup( dn ) );
- /* see if we negotiated a security layer */
+ /* clean up already set TARGET */
+ slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn);
+ slapi_sdn_free(&sdn);
+
+ sdn = slapi_sdn_new_dn_passin(dn);
+ normdn = slapi_sdn_get_dn(sdn);
+
+ slapi_pblock_set( pb, SLAPI_BIND_TARGET_SDN, sdn );
+
if ((sasl_getprop(sasl_conn, SASL_SSF,
(const void**)&ssfp) == SASL_OK) && (*ssfp > 0)) {
LDAPDebug(LDAP_DEBUG_TRACE, "sasl ssf=%u\n", (unsigned)*ssfp, 0, 0);
@@ -947,7 +956,9 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
/* set the connection bind credentials */
PR_snprintf(authtype, sizeof(authtype), "%s%s", SLAPD_AUTH_SASL, mech);
- bind_credentials_set_nolock(pb->pb_conn, authtype, dn,
+ /* normdn is consumed by bind_credentials_set_nolock */
+ bind_credentials_set_nolock(pb->pb_conn, authtype,
+ slapi_ch_strdup(normdn),
NULL, NULL, NULL, bind_target_entry);
PR_Unlock(pb->pb_conn->c_mutex); /* BIG LOCK */
@@ -956,12 +967,12 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
break;
}
- isroot = slapi_dn_isroot(dn);
+ isroot = slapi_dn_isroot(normdn);
if (!isroot )
{
/* check if the account is locked */
- bind_target_entry = get_entry(pb, dn);
+ bind_target_entry = get_entry(pb, normdn);
if ( bind_target_entry == NULL )
{
goto out;
@@ -975,7 +986,7 @@ void ids_sasl_check_bind(Slapi_PBlock *pb)
slapi_pblock_get(pb, SLAPI_REQCONTROLS, &ctrls);
if (slapi_control_present(ctrls, LDAP_CONTROL_AUTH_REQUEST,
NULL, NULL)) {
- slapi_add_auth_response_control(pb, dn);
+ slapi_add_auth_response_control(pb, normdn);
}
if (slapi_mapping_tree_select(pb, &be, &referral, errorbuf) != LDAP_SUCCESS) {
diff --git a/ldap/servers/slapd/search.c b/ldap/servers/slapd/search.c
index ff4de17..6da7aa0 100644
--- a/ldap/servers/slapd/search.c
+++ b/ldap/servers/slapd/search.c
@@ -79,9 +79,6 @@ do_search( Slapi_PBlock *pb )
int send_entchg_controls;
int changesonly = 0;
int rc = -1;
- char *original_base = 0;
- char *new_base = 0;
- size_t baselen = 0;
int strict = 0;
LDAPDebug( LDAP_DEBUG_TRACE, "do_search\n", 0, 0, 0 );
@@ -138,24 +135,12 @@ do_search( Slapi_PBlock *pb )
return;
}
}
- rc = slapi_dn_normalize_ext(rawbase, 0, &base, &baselen);
- if (rc < 0) {
- op_shared_log_error_access(pb, "SRCH",
- rawbase?rawbase:"", "invalid dn");
- send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX,
- NULL, "invalid dn", 0, NULL);
- slapi_ch_free((void **) &rawbase);
- return;
- } else if (rc > 0) { /* if rc == 0, rawbase is passed in */
- slapi_ch_free((void **) &rawbase);
- } else { /* rc == 0; rawbase is passed in; not null terminated */
- *(base + baselen) = '\0';
- }
/* If anonymous access is only allowed for searching the root DSE,
* we need to reject any other anonymous search attempts. */
- if ((slapi_sdn_get_dn(&(operation->o_sdn)) == NULL) && ((baselen != 0) || (scope != LDAP_SCOPE_BASE))
- && (config_get_anon_access_switch() == SLAPD_ANON_ACCESS_ROOTDSE)) {
+ if ((slapi_sdn_get_dn(&(operation->o_sdn)) == NULL) &&
+ (scope != LDAP_SCOPE_BASE) &&
+ (config_get_anon_access_switch() == SLAPD_ANON_ACCESS_ROOTDSE)) {
op_shared_log_error_access(pb, "SRCH", base?base:"", "anonymous search not allowed");
send_ldap_result( pb, LDAP_INAPPROPRIATE_AUTH, NULL,
@@ -178,7 +163,7 @@ do_search( Slapi_PBlock *pb )
&& scope != LDAP_SCOPE_SUBTREE ) {
log_search_access (pb, base, scope, "???", "Unknown search scope");
send_ldap_result( pb, LDAP_PROTOCOL_ERROR, NULL,
- "Unknown search scope", 0, NULL );
+ "Unknown search scope", 0, NULL );
goto free_and_return;
}
/* check and record the scope for snmp */
@@ -370,8 +355,7 @@ do_search( Slapi_PBlock *pb )
}
}
- slapi_pblock_set( pb, SLAPI_SEARCH_TARGET, base );
- slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET_DN, slapi_ch_strdup(base) );
+ slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET_DN, rawbase );
slapi_pblock_set( pb, SLAPI_SEARCH_SCOPE, &scope );
slapi_pblock_set( pb, SLAPI_SEARCH_DEREF, &deref );
slapi_pblock_set( pb, SLAPI_SEARCH_FILTER, filter );
@@ -383,16 +367,8 @@ do_search( Slapi_PBlock *pb )
slapi_pblock_set( pb, SLAPI_SEARCH_SIZELIMIT, &sizelimit );
slapi_pblock_set( pb, SLAPI_SEARCH_TIMELIMIT, &timelimit );
- /* plugins which play with the search may
- * change the search params may allocate
- * memory so we need to keep track of
- * changed base search strings
- */
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &original_base);
-
op_shared_search (pb, psearch ? 0 : 1/* send result */);
- slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &new_base);
slapi_pblock_get (pb, SLAPI_PLUGIN_OPRETURN, &rc);
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter );
@@ -402,10 +378,6 @@ do_search( Slapi_PBlock *pb )
free_and_return:;
if ( !psearch || rc < 0 ) {
- if(original_base != new_base) {
- slapi_ch_free_string(&new_base);
- }
- slapi_ch_free_string(&base);
slapi_ch_free_string(&fstr);
slapi_filter_free( filter, 1 );
charray_free( attrs ); /* passing NULL is fine */
@@ -418,8 +390,8 @@ free_and_return:;
operation->o_flags &= ~OP_FLAG_PS;
}
/* we strdup'd this above - need to free */
- slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &base);
- slapi_ch_free_string(&base);
+ slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &rawbase);
+ slapi_ch_free_string(&rawbase);
}
}
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 98ba79c..ea60f1f 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -586,9 +586,10 @@ typedef int (*SyntaxEnumFunc)(char **names, Slapi_PluginDesc *plugindesc,
struct slapi_dn
{
unsigned char flag;
- const char *dn; /* DN [normalized] */
+ const char *udn; /* DN [original] */
+ const char *dn; /* Normalised DN */
const char *ndn; /* Case Normalised DN */
- int ndn_len; /* normalized dn length */
+ int ndn_len; /* normalized dn length */
};
/*
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
index 862a23b..8de0256 100644
--- a/ldap/servers/slapd/slapi-plugin.h
+++ b/ldap/servers/slapd/slapi-plugin.h
@@ -709,13 +709,13 @@ int slapi_pblock_get( Slapi_PBlock *pb, int arg, void *value );
* <tt>char **arrays</tt>, <tt>#Slapi_Backend *</tt>, etc.), you can pass
* in the value directly. For example:
* \code
- * char *target_dn = slapi_ch_strdup(some_dn);
- * slapi_pblock_set(pb, SLAPI_TARGET_DN, target_dn);
+ * Slapi_DN *target_sdn = slapi_sdn_dup(some_sdn);
+ * slapi_pblock_set(pb, SLAPI_TARGET_SDN, target_sdn);
* \endcode
*
* \warning or
* \code
- * slapi_pblock_set(pb, SLAPI_TARGET_DN, NULL);
+ * slapi_pblock_set(pb, SLAPI_TARGET_SDN, NULL);
* \endcode
*
* \warning With some compilers, you will have to cast the value argument to
@@ -801,6 +801,7 @@ void slapi_pblock_destroy( Slapi_PBlock *pb );
* \arg #SLAPI_STR2ENTRY_NO_SCHEMA_LOCK
* \arg #SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT
* \arg #SLAPI_STR2ENTRY_NO_ENTRYDN
+ * \arg #SLAPI_STR2ENTRY_DN_NORMALIZED
*
* \return A pointer to the #Slapi_Entry structure representing the entry.
* \return \c NULL if the string cannot be converted; for example, if no DN is
@@ -922,6 +923,15 @@ Slapi_Entry *slapi_str2entry_ext( const char *dn, char *s, int flags );
#define SLAPI_STR2ENTRY_NO_ENTRYDN 1024
/**
+ * Passed DN is already normalized.
+ *
+ * If this flag is set, str2entry assumes passed DN is already normalized.
+ *
+ * \see slapi_str2entry()
+ */
+#define SLAPI_STR2ENTRY_DN_NORMALIZED 2048
+
+/**
* Generates a description of an entry as an LDIF string.
*
* This function behaves much like slapi_entry2str(); however, you can specify
@@ -1119,6 +1129,12 @@ Slapi_Entry *slapi_entry_alloc(void);
*/
void slapi_entry_init(Slapi_Entry *e, char *dn, Slapi_Attr *a);
+/*
+ * Initializes the values of an entry with the Slapi_DN and attribute value
+ * pairs you supply.
+ */
+void slapi_entry_init_ext(Slapi_Entry *e, Slapi_DN *sdn, Slapi_Attr *a);
+
/**
* Frees an entry, its DN, and its attributes from memory.
*
@@ -1289,6 +1305,23 @@ const char *slapi_entry_get_nrdn_const( const Slapi_Entry *e );
void slapi_entry_set_dn( Slapi_Entry *e, char *dn );
/**
+ * Sets the normalized distinguished name (DN) of an entry.
+ *
+ * This function sets the DN pointer in the specified entry to the DN that you supply. The DN should have been normalized.
+ *
+ * \param e Entry to which you want to assign the DN.
+ * \param dn Distinguished name you want assigned to the entry.
+ * \warning The dn will be freed eventually when slapi_entry_free() is called.
+ * \warning A copy of dn should be passed. For example:
+ *
+ * \warning The old dn will be freed as a result of this call. Do not pass in
+ * a \c NULL value.
+ * \see slapi_entry_free()
+ * \see slapi_entry_get_dn()
+ */
+void slapi_entry_set_normdn( Slapi_Entry *e, char *normdn );
+
+/**
* Sets the relative distinguished name (RDN) of an entry.
*
* This function sets the RDN pointer in the specified entry to the RDN that
@@ -1477,7 +1510,7 @@ int slapi_entry_syntax_check( Slapi_PBlock *pb, Slapi_Entry *e, int override );
* is also used to check if the #SLAPI_IS_REPLICATED_OPERATION flag is
* set. If that flag is present, no syntax checking is performed.
*/
-int slapi_dn_syntax_check( Slapi_PBlock *pb, char *dn, int override );
+int slapi_dn_syntax_check( Slapi_PBlock *pb, const char *dn, int override );
/**
* Determines if any values being added to an entry violate the syntax rules
@@ -2180,14 +2213,14 @@ Slapi_DN *slapi_sdn_new_ndn_byval(const char *ndn);
Slapi_DN *slapi_sdn_new_dn_byref(const char *dn);
/**
- * Creates a new \c Slapi_DN structure and intializes it's normalized DN to a requested value.
+ * Creates a new \c Slapi_DN structure and intializes it's normalized and case ignored DN to a requested value.
*
- * The normalized DN of the new structure will point to the same string pointed to by \c ndn.
- * The normalized DN value is passed in to the parameter by reference.
+ * The normalized and case ignored DN of the new structure will point to the same string pointed to by \c ndn.
+ * The normalized and case ignored DN value is passed in to the parameter by reference.
*
- * \param ndn The normalized DN value to be set in the new \c Slapi_DN structure.
+ * \param ndn The normalized and case ignored DN value to be set in the new \c Slapi_DN structure.
* \return A pointer to the newly allocated \c Slapi_DN structure with
- * the normalized DN value set to the content of \c ndn.
+ * the normalized and case ignored DN value set to the content of \c ndn.
* \warning The caller is still responsible for the memory used by \c ndn. This
* memory should not be freed until the returned \c Slapi_DN has been
* disposed of or reinitialized.
@@ -2219,6 +2252,60 @@ Slapi_DN *slapi_sdn_new_ndn_byref(const char *ndn);
Slapi_DN *slapi_sdn_new_dn_passin(const char *dn);
/**
+ * Creates a new \c Slapi_DN structure and intializes it's normalized DN to a requested value.
+ *
+ * The DN of the new structure will point to the same string pointed to by \c normdn.
+ * The normalized DN value is passed in to the parameter by reference.
+ *
+ * \param normdn The normalized DN value to be set in the new \c Slapi_DN structure.
+ * \return A pointer to the newly allocated \c Slapi_DN structure with
+ * the normalized DN value set to the content of \c normdn.
+ * \warning The caller is still responsible for the memory used by \c normdn.
+ * This memory should not be freed until the returned \c Slapi_DN
+ * has been disposed of or reinitialized.
+ * \see slapi_sdn_free()
+ * \see slapi_sdn_copy()
+ * \see slapi_sdn_done()
+ */
+Slapi_DN *slapi_sdn_new_normdn_byref(const char *normdn);
+
+/**
+ * Creates a new \c Slapi_DN structure and intializes it's normalized DN to a requested value.
+ *
+ * The DN of the new structure will point to the same string pointed to by \c normdn.
+ * Ownership of the memory pointed to by \c normdn is tranferred to the Slapi_DN.
+ *
+ * \param normdn The DN value to be set in the new \c Slapi_DN structure.
+ * \return A pointer to the newly allocated \c Slapi_DN structure with
+ * a DN value set to the content of \c dn.
+ * \warning The caller is no longer responsible for the memory used by \c dn.
+ * This memory should not be freed directly. It will be freed when
+ * the \c Slapi_DN is properly disposed of.
+ * \see slapi_sdn_free()
+ * \see slapi_sdn_copy()
+ * \see slapi_sdn_done()
+ */
+Slapi_DN *slapi_sdn_new_normdn_passin(const char *dn);
+
+/**
+ * Creates a new \c Slapi_DN structure and intializes it's normalized DN to a requested value.
+ *
+ * The DN of the new structure will point to the duplicated string of \c normdn.
+ * Ownership of the memory pointed to by \c normdn is tranferred to the Slapi_DN.
+ *
+ * \param normdn The copy of the DN value to be set in the new \c Slapi_DN structure.
+ * \return A pointer to the newly allocated \c Slapi_DN structure with
+ * a DN value set to the content of \c dn.
+ * \warning The caller is no longer responsible for the memory used by \c dn.
+ * This memory should not be freed directly. It will be freed when
+ * the \c Slapi_DN is properly disposed of.
+ * \see slapi_sdn_free()
+ * \see slapi_sdn_copy()
+ * \see slapi_sdn_done()
+ */
+Slapi_DN *slapi_sdn_new_normdn_byval(const char *dn);
+
+/**
* Sets a DN value in a \c Slapi_DN structure.
*
* The DN of the structure will point to a copy of the string pointed to by
@@ -2271,6 +2358,56 @@ Slapi_DN *slapi_sdn_set_dn_passin(Slapi_DN *sdn, const char *dn);
/**
* Sets a normalized DN value in a \c Slapi_DN structure.
*
+ * The DN of the structure will point to the same string pointed to by \c normdn.
+ * The normalized DN value is passed in to the parameter by reference.
+ *
+ * \param sdn The target \c Slapi_DN structure.
+ * \param normdn The normalized DN value to be set in \c sdn.
+ * \return A pointer to the \c Slapi_DN structure containing the new DN value.
+ * \warning The caller is still responsible for the memory used by \c normdn.
+ * This memory should not be freed until the returned \c Slapi_DN
+ * has been disposed of or reinitialized.
+ * \see slapi_sdn_set_dn_byref()
+ */
+Slapi_DN *slapi_sdn_set_normdn_byref(Slapi_DN *sdn, const char *normdn);
+
+/**
+ * Sets a normalized DN value in a \c Slapi_DN structure.
+ *
+ * The DN of the structure will point to the same string pointed to by \c normdn.
+ * Ownership of the memory pointed to by \c normdn is tranferred to the Slapi_DN.
+ *
+ * \param sdn The target \c Slapi_DN structure.
+ * \param normdn The normalized DN value to be set in \c sdn.
+ * \return A pointer to the \c Slapi_DN structure containing the new DN value.
+ * \warning The caller is no longer responsible for the memory used by \c normdn.
+ * This memory should not be freed directly. It will be freed when
+ * the \c Slapi_DN is properly disposed of.
+ * \see slapi_sdn_set_dn_passin()
+ */
+Slapi_DN *slapi_sdn_set_normdn_passin(Slapi_DN *sdn, const char *dn);
+
+/**
+ * Sets a normalized DN value in a \c Slapi_DN structure.
+ *
+ * The normalized DN of the structure will point to a copy of the string
+ * pointed to by \c dn. The normalized DN value is passed in to the parameter
+ * by value.
+ * Ownership of the memory pointed to by \c normdn is tranferred to the Slapi_DN.
+ *
+ * \param sdn The target \c Slapi_DN structure.
+ * \param normdn The normalized DN value to be set in \c sdn.
+ * \return A pointer to the \c Slapi_DN structure containing the new DN value.
+ * \warning The caller is no longer responsible for the memory used by \c normdn.
+ * This memory should not be freed directly. It will be freed when
+ * the \c Slapi_DN is properly disposed of.
+ * \see slapi_sdn_set_dn_passin()
+ */
+Slapi_DN *slapi_sdn_set_normdn_byval(Slapi_DN *sdn, const char *dn);
+
+/**
+ * Sets a normalized and case ignored DN value in a \c Slapi_DN structure.
+ *
* The normalized DN of the structure will point to a copy of the string
* pointed to by \c ndn. The normalized DN value is passed in to the parameter
* by value.
@@ -2324,33 +2461,52 @@ void slapi_sdn_done(Slapi_DN *sdn);
void slapi_sdn_free(Slapi_DN **sdn);
/**
- * Retrieves the DN value of a \c Slapi_DN structure.
+ * Retrieves the normalized DN value of a \c Slapi_DN structure.
+ *
+ * If the structure does not contain a normalized DN yet, it will normalize
+ * the un-normalized DN and set it in the structure.
*
* \param sdn The \c Slapi_DN strucure containing the DN value.
* \return A pointer to the DN value if one is set.
- * \return A pointer to the normalized DN value if one is set and no
+ * \return A pointer to the normalized and case ignored DN value if one is set and no
* DN value is set.
- * \return \c NULL if no DN or normalized DN value is set.
+ * \return \c NULL if no normalized DN or normalized and case ignored DN value is set.
* \warning The pointer returned is the actual value from the structure, not a copy.
* \see slapi_sdn_get_ndn()
+ * \see slapi_sdn_get_udn()
*/
const char * slapi_sdn_get_dn(const Slapi_DN *sdn);
/**
- * Retrieves the normalized DN value of a \c Slapi_DN structure.
+ * Retrieves the normalized and case ignored DN value of a \c Slapi_DN structure.
*
- * If the structure does not contain a normalized DN yet, it will normalize
- * the DN and set it in the structure.
+ * If the structure does not contain a normalized and case ignored DN yet,
+ * it will normalize and case ignore the DN and set it in the structure.
*
- * \param sdn The \c Slapi_DN strucure containing the normalized DN value.
+ * \param sdn The \c Slapi_DN strucure containing the normalized and case ignored DN value.
* \return The normalized DN value.
* \return \c NULL if no DN or normalized DN value is set.
* \warning The pointer returned is the actual value from the structure, not a copy.
* \see slapi_sdn_get_dn()
+ * \see slapi_sdn_get_udn()
*/
const char * slapi_sdn_get_ndn(const Slapi_DN *sdn);
/**
+ * Retrieves the un-normalized DN value of a \c Slapi_DN structure.
+ *
+ * \param sdn The \c Slapi_DN strucure containing the DN value.
+ * \return A pointer to the DN value if one is set.
+ * \return A pointer to the normalized DN value if one is set and no
+ * DN value is set.
+ * \return \c NULL if no DN or normalized DN value is set.
+ * \warning The pointer returned is the actual value from the structure, not a copy.
+ * \see slapi_sdn_get_dn()
+ * \see slapi_sdn_get_ndn()
+ */
+const char * slapi_sdn_get_udn(const Slapi_DN *sdn);
+
+/**
* Fills in an existing \c Slapi_DN structure with the parent DN of the passed in \c Slapi_DN.
*
* \param sdn Pointer to the \c Slapi_DN structure containing the DN whose parent is desired.
@@ -2554,7 +2710,7 @@ Slapi_DN *slapi_sdn_set_parent(Slapi_DN *sdn, const Slapi_DN *parentdn);
* in \c newrdn in front of the content of this parameter.
* \return The new DN for the entry whose previous DN was \c dn_olddn.
*/
-char * slapi_moddn_get_newdn(Slapi_DN *dn_olddn, char *newrdn, char *newsuperiordn);
+char * slapi_moddn_get_newdn(Slapi_DN *dn_olddn, const char *newrdn, const char *newsuperiordn);
Slapi_DN *slapi_sdn_add_rdn(Slapi_DN *sdn, const Slapi_RDN *rdn);
@@ -3166,6 +3322,16 @@ char *slapi_create_dn_string(const char *fmt, ...);
char *slapi_create_dn_string_case(const char *fmt, ...);
/**
+ * Generates a valid value of RDN string
+ *
+ * \param fmt The format used to generate a value of RDN string.
+ * \param ... The arguments to generate an RDN string.
+ * \return A pointer to the generated RDN value.
+ * \return NULL if failed.
+ */
+char *slapi_create_rdn_value(const char *fmt, ...);
+
+/**
* Converts a DN to lowercase.
*
* \param dn The DN to convert.
@@ -5100,10 +5266,25 @@ int slapi_add_internal_set_pb(Slapi_PBlock *pb, const char *dn,
void slapi_modify_internal_set_pb(Slapi_PBlock *pb, const char *dn,
LDAPMod **mods, LDAPControl **controls, const char *uniqueid,
Slapi_ComponentId *plugin_identity, int operation_flags);
-void slapi_rename_internal_set_pb(Slapi_PBlock *pb, const char *olddn,
- const char *newrdn, const char *newsuperior, int deloldrdn,
+/**
+ * Set \c Slapi_PBlock to perform modrdn/rename internally
+ *
+ * \param pblock - Slapi_PBlock to be set
+ * \param olddn - original dn to be renamed; it should have been normalized
+ * \param newrdn - new leaf rdn if any; it should have been normalized
+ * \param newsuperior - new parent dn if any; it should have been normalized
+ * \param deloldrdn \c 0 - keep original rdn \c non-zero - delete original rdn
+ * \param controls
+ * \param uniqueid
+ * \param plugin_identity
+ * \param operation_flags
+ */
+void slapi_rename_internal_set_pb_ext(Slapi_PBlock *pb,
+ const Slapi_DN *olddn, const char *newrdn,
+ const Slapi_DN *newsuperior, int deloldrdn,
LDAPControl **controls, const char *uniqueid,
Slapi_ComponentId *plugin_identity, int operation_flags);
+
void slapi_delete_internal_set_pb(Slapi_PBlock *pb, const char *dn,
LDAPControl **controls, const char *uniqueid,
Slapi_ComponentId *plugin_identity, int operation_flags);
@@ -5810,6 +5991,7 @@ time_t slapi_current_time( void );
/* operation */
#define SLAPI_OPINITIATED_TIME 140
#define SLAPI_REQUESTOR_DN 141
+#define SLAPI_REQUESTOR_NDN 156
#define SLAPI_OPERATION_PARAMETERS 138
#define SLAPI_OPERATION_TYPE 590
#define SLAPI_OPERATION_AUTHTYPE 741
@@ -6083,7 +6265,10 @@ typedef struct slapi_plugindesc {
/* arguments that are common to all operation */
#define SLAPI_TARGET_ADDRESS 48 /* target address (dn + uniqueid) should be normalized */
#define SLAPI_TARGET_UNIQUEID 49 /* target uniqueid of the operation */
-#define SLAPI_TARGET_DN 50 /* target dn of the operation should be normalized */
+#define SLAPI_TARGET_DN 50 /* DEPRECATED. target dn of the operation.
+ It actually points DN in SLAPI_TARGET_SDN. */
+#define SLAPI_TARGET_SDN 47 /* target sdn of the operation */
+
#define SLAPI_REQCONTROLS 51 /* request controls */
/* Copies of entry before and after add, mod, mod[r]dn operations */
@@ -6121,7 +6306,8 @@ typedef struct slapi_plugindesc {
#define SLAPI_DESTROY_CONTENT 59
/* add arguments */
-#define SLAPI_ADD_TARGET SLAPI_TARGET_DN
+#define SLAPI_ADD_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_ADD_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_ADD_ENTRY 60
#define SLAPI_ADD_EXISTING_DN_ENTRY 61
#define SLAPI_ADD_PARENT_ENTRY 62
@@ -6129,7 +6315,8 @@ typedef struct slapi_plugindesc {
#define SLAPI_ADD_EXISTING_UNIQUEID_ENTRY 64
/* bind arguments */
-#define SLAPI_BIND_TARGET SLAPI_TARGET_DN
+#define SLAPI_BIND_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_BIND_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_BIND_METHOD 70
#define SLAPI_BIND_CREDENTIALS 71 /* v3 only */
#define SLAPI_BIND_SASLMECHANISM 72 /* v3 only */
@@ -6137,27 +6324,32 @@ typedef struct slapi_plugindesc {
#define SLAPI_BIND_RET_SASLCREDS 73 /* v3 only */
/* compare arguments */
-#define SLAPI_COMPARE_TARGET SLAPI_TARGET_DN
+#define SLAPI_COMPARE_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_COMPARE_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_COMPARE_TYPE 80
#define SLAPI_COMPARE_VALUE 81
/* delete arguments */
-#define SLAPI_DELETE_TARGET SLAPI_TARGET_DN
+#define SLAPI_DELETE_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_DELETE_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_DELETE_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY
#define SLAPI_DELETE_GLUE_PARENT_ENTRY SLAPI_ADD_PARENT_ENTRY
#define SLAPI_DELETE_BEPREOP_ENTRY SLAPI_ENTRY_PRE_OP
#define SLAPI_DELETE_BEPOSTOP_ENTRY SLAPI_ENTRY_POST_OP
/* modify arguments */
-#define SLAPI_MODIFY_TARGET SLAPI_TARGET_DN
+#define SLAPI_MODIFY_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_MODIFY_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_MODIFY_MODS 90
#define SLAPI_MODIFY_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY
/* modrdn arguments */
-#define SLAPI_MODRDN_TARGET SLAPI_TARGET_DN
+#define SLAPI_MODRDN_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_MODRDN_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_MODRDN_NEWRDN 100
#define SLAPI_MODRDN_DELOLDRDN 101
#define SLAPI_MODRDN_NEWSUPERIOR 102 /* v3 only */
+#define SLAPI_MODRDN_NEWSUPERIOR_SDN 103 /* v3 only */
#define SLAPI_MODRDN_EXISTING_ENTRY SLAPI_ADD_EXISTING_DN_ENTRY
#define SLAPI_MODRDN_PARENT_ENTRY 104
#define SLAPI_MODRDN_NEWPARENT_ENTRY 105
@@ -6172,7 +6364,8 @@ typedef struct slapi_plugindesc {
#define SLAPI_ORIGINAL_TARGET SLAPI_ORIGINAL_TARGET_DN
/* search arguments */
-#define SLAPI_SEARCH_TARGET SLAPI_TARGET_DN
+#define SLAPI_SEARCH_TARGET SLAPI_TARGET_DN /* DEPRECATED */
+#define SLAPI_SEARCH_TARGET_SDN SLAPI_TARGET_SDN
#define SLAPI_SEARCH_SCOPE 110
#define SLAPI_SEARCH_DEREF 111
#define SLAPI_SEARCH_SIZELIMIT 112
diff --git a/ldap/servers/slapd/slapi-private.h b/ldap/servers/slapd/slapi-private.h
index 6f1e2ca..a5f6d8e 100644
--- a/ldap/servers/slapd/slapi-private.h
+++ b/ldap/servers/slapd/slapi-private.h
@@ -376,7 +376,9 @@ Slapi_DN *slapi_sdn_init_dn_byval(Slapi_DN *sdn,const char *dn);
Slapi_DN *slapi_sdn_init_dn_passin(Slapi_DN *sdn,const char *dn);
Slapi_DN *slapi_sdn_init_ndn_byref(Slapi_DN *sdn,const char *dn);
Slapi_DN *slapi_sdn_init_ndn_byval(Slapi_DN *sdn,const char *dn);
-Slapi_DN *slapi_sdn_init_dn_ndn_byref(Slapi_DN *sdn,const char *dn);
+Slapi_DN *slapi_sdn_init_normdn_byref(Slapi_DN *sdn, const char *dn);
+Slapi_DN *slapi_sdn_init_normdn_ndn_passin(Slapi_DN *sdn, const char *dn);
+Slapi_DN *slapi_sdn_init_normdn_passin(Slapi_DN *sdn, const char *dn);
char *slapi_dn_normalize_original( char *dn );
char *slapi_dn_normalize_case_original( char *dn );
@@ -520,10 +522,10 @@ int test_presence_filter( Slapi_PBlock *pb, Slapi_Entry *e, char *type,
/* this structure allows to address entry by dn or uniqueid */
typedef struct entry_address
{
- char *dn;
char *udn; /* unnormalized dn */
char *uniqueid;
-}entry_address;
+ Slapi_DN *sdn;
+} entry_address;
/*
* LDAP Operation input parameters.
diff --git a/ldap/servers/slapd/task.c b/ldap/servers/slapd/task.c
index 999d004..e3db267 100644
--- a/ldap/servers/slapd/task.c
+++ b/ldap/servers/slapd/task.c
@@ -106,6 +106,8 @@ static const char *fetch_attr(Slapi_Entry *e, const char *attrname,
static Slapi_Entry *get_internal_entry(Slapi_PBlock *pb, char *dn);
static void modify_internal_entry(char *dn, LDAPMod **mods);
+static int task_charray_normdn_add(char ***chararray, char *dn, char *type);
+
/***********************************
* Public Functions
***********************************/
@@ -779,13 +781,25 @@ static int task_import_add(Slapi_PBlock *pb, Slapi_Entry *e,
if (slapi_entry_attr_find(e, "nsIncludeSuffix", &attr) == 0) {
for (idx = slapi_attr_first_value(attr, &val);
idx >= 0; idx = slapi_attr_next_value(attr, idx, &val)) {
- charray_add(&include, slapi_ch_strdup(slapi_value_get_string(val)));
+ rv = task_charray_normdn_add(&include,
+ (char *)slapi_value_get_string(val),
+ "nsIncludeSuffix");
+ if (0 != rv) {
+ *returncode = LDAP_PARAM_ERROR;
+ return SLAPI_DSE_CALLBACK_ERROR;
+ }
}
}
if (slapi_entry_attr_find(e, "nsExcludeSuffix", &attr) == 0) {
for (idx = slapi_attr_first_value(attr, &val);
idx >= 0; idx = slapi_attr_next_value(attr, idx, &val)) {
- charray_add(&exclude, slapi_ch_strdup(slapi_value_get_string(val)));
+ rv = task_charray_normdn_add(&exclude,
+ (char *)slapi_value_get_string(val),
+ "nsExcludeSuffix");
+ if (0 != rv) {
+ *returncode = LDAP_PARAM_ERROR;
+ return SLAPI_DSE_CALLBACK_ERROR;
+ }
}
}
@@ -1090,13 +1104,25 @@ static int task_export_add(Slapi_PBlock *pb, Slapi_Entry *e,
if (slapi_entry_attr_find(e, "nsIncludeSuffix", &attr) == 0) {
for (idx = slapi_attr_first_value(attr, &val);
idx >= 0; idx = slapi_attr_next_value(attr, idx, &val)) {
- charray_add(&include, slapi_ch_strdup(slapi_value_get_string(val)));
+ rv = task_charray_normdn_add(&include,
+ (char *)slapi_value_get_string(val),
+ "nsIncludeSuffix");
+ if (0 != rv) {
+ *returncode = LDAP_PARAM_ERROR;
+ goto out;
+ }
}
}
if (slapi_entry_attr_find(e, "nsExcludeSuffix", &attr) == 0) {
for (idx = slapi_attr_first_value(attr, &val);
idx >= 0; idx = slapi_attr_next_value(attr, idx, &val)) {
- charray_add(&exclude, slapi_ch_strdup(slapi_value_get_string(val)));
+ rv = task_charray_normdn_add(&exclude,
+ (char *)slapi_value_get_string(val),
+ "nsExcludeSuffix");
+ if (0 != rv) {
+ *returncode = LDAP_PARAM_ERROR;
+ goto out;
+ }
}
}
@@ -1916,3 +1942,23 @@ void task_shutdown(void)
}
PR_Unlock(global_task_lock);
}
+
+static int
+task_charray_normdn_add(char ***chararray, char *dn, char *type)
+{
+ int rc = 0;
+ size_t len = 0;
+ char *normdn = NULL;
+ rc = slapi_dn_normalize_ext(dn, 0, &normdn, &len);
+ if (rc < 0) {
+ LDAPDebug(LDAP_DEBUG_ANY, "Invalid dn: %s: %s\n", type, dn, 0);
+ return rc;
+ } else if (0 == rc) {
+ /* rc == 0; optarg_extawdn is passed in;
+ * not null terminated */
+ *(dn + len) = '\0';
+ normdn = slapi_ch_strdup(dn);
+ }
+ charray_add(chararray, slapi_dn_ignore_case(normdn));
+ return rc;
+}
diff --git a/ldap/servers/slapd/tools/ldclt/ldapfct.c b/ldap/servers/slapd/tools/ldclt/ldapfct.c
index 23d0a04..4d58d88 100644
--- a/ldap/servers/slapd/tools/ldclt/ldapfct.c
+++ b/ldap/servers/slapd/tools/ldclt/ldapfct.c
@@ -1764,10 +1764,7 @@ error:
}
done:
- /*
- * Normal end
- */
- return (0);
+ return rc;
}
diff --git a/lib/libaccess/lasdns.cpp b/lib/libaccess/lasdns.cpp
index a81f680..6956878 100644
--- a/lib/libaccess/lasdns.cpp
+++ b/lib/libaccess/lasdns.cpp
@@ -151,6 +151,7 @@ LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int ali
#else
PRHostEnt *he, host;
#endif
+ char *end_attr_pattern;
if (attr_pattern == NULL) {
nserrGenerate(errp, ACLERRINVAL, ACLERR4770, ACL_Program, 1,
@@ -172,6 +173,7 @@ LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int ali
return LAS_EVAL_INVALID;
}
+ end_attr_pattern = attr_pattern + strlen(attr_pattern);
do {
size_t maxsize = sizeof(token);
/* Get a single hostname from the pattern string */
@@ -183,8 +185,10 @@ LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int ali
token[delimiter] = '\0';
/* Skip any white space after the token */
- attr_pattern += delimiter;
- attr_pattern += strspn(attr_pattern, ", \t");
+ attr_pattern += delimiter;
+ if (attr_pattern < end_attr_pattern) {
+ attr_pattern += strspn(attr_pattern, ", \t");
+ }
/* If there's a wildcard, strip it off but leave the "."
* Can't have aliases for a wildcard pattern.
--
1.7.6.4
-- 389-devel mailing list 389-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-devel
