openldap/servers/slapd/back-bdb/passwd.c

/* passwd.c - bdb backend password routines */
/* $OpenLDAP$ */
/*
 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
 */

#include "portable.h"

#include <stdio.h>
#include <ac/string.h>

#include "back-bdb.h"
#include "external.h"

int
bdb_exop_passwd(
	Backend		*be,
	Connection		*conn,
	Operation		*op,
	const char		*reqoid,
	struct berval	*reqdata,
	char			**rspoid,
	struct berval	**rspdata,
	LDAPControl		*** rspctrls,
	const char		**text,
	BVarray *refs )
{
	struct bdb_info *bdb = (struct bdb_info *) be->be_private;
	int rc;
	Entry *e = NULL;
	struct berval hash = { 0, NULL };
	DB_TXN *ltid = NULL;
	struct bdb_op_info opinfo;
	char textbuf[SLAP_TEXT_BUFLEN];
	size_t textlen = sizeof textbuf;

	struct berval id = { 0, NULL };
	struct berval new = { 0, NULL };

	struct berval *dn;

	assert( reqoid != NULL );
	assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, reqoid ) == 0 );

	rc = slap_passwd_parse( reqdata,
		&id, NULL, &new, text );

	Debug( LDAP_DEBUG_ARGS, "==> bdb_exop_passwd: \"%s\"\n",
		id.bv_val ? id.bv_val : "", 0, 0 );

	if( rc != LDAP_SUCCESS ) {
		goto done;
	}

	if( new.bv_len == 0 ) {
		slap_passwd_generate(&new);

		if( new.bv_len == 0 ) {
			*text = "password generation failed.";
			rc = LDAP_OTHER;
			goto done;
		}
		
		*rspdata = slap_passwd_return( &new );
	}

	slap_passwd_hash( &new, &hash );

	if( hash.bv_len == 0 ) {
		*text = "password hash failed";
		rc = LDAP_OTHER;
		goto done;
	}

	dn = id.bv_val ? &id : &op->o_dn;

	Debug( LDAP_DEBUG_TRACE, "bdb_exop_passwd: \"%s\"%s\n",
		dn->bv_val, id.bv_val ? " (proxy)" : "", 0 );

	if( dn->bv_len == 0 ) {
		*text = "No password is associated with the Root DSE";
		rc = LDAP_OPERATIONS_ERROR;
		goto done;
	}

	if( 0 ) {
retry:	/* transaction retry */
		Debug( LDAP_DEBUG_TRACE, "bdb_exop_passwd: retrying...\n", 0, 0, 0 );
		rc = txn_abort( ltid );
		ltid = NULL;
		op->o_private = NULL;
		if( rc != 0 ) {
			rc = LDAP_OTHER;
			*text = "internal error";
			goto done;
		}
	}

	if( bdb->bi_txn ) {
		/* begin transaction */
		rc = txn_begin( bdb->bi_dbenv, NULL, &ltid, 
			bdb->bi_db_opflags );
		*text = NULL;
		if( rc != 0 ) {
			Debug( LDAP_DEBUG_TRACE,
				"bdb_exop_passwd: txn_begin failed: %s (%d)\n",
				db_strerror(rc), rc, 0 );
			rc = LDAP_OTHER;
			*text = "internal error";
			goto done;
		}
	}

	opinfo.boi_bdb = be;
	opinfo.boi_txn = ltid;
	opinfo.boi_err = 0;
	op->o_private = &opinfo;

	/* get entry */
	rc = bdb_dn2entry( be, ltid, dn, &e, NULL, 0 );

	switch(rc) {
	case DB_LOCK_DEADLOCK:
	case DB_LOCK_NOTGRANTED:
		goto retry;
	case DB_NOTFOUND:
	case 0:
		break;
	default:
		rc = LDAP_OTHER;
		*text = "internal error";
		goto done;
	}

	if( e == NULL ) {
		*text = "could not locate authorization entry";
		rc = LDAP_NO_SUCH_OBJECT;
		goto done;
	}

	if( is_entry_alias( e ) ) {
		/* entry is an alias, don't allow operation */
		*text = "authorization entry is alias";
		rc = LDAP_ALIAS_PROBLEM;
		goto done;
	}


	if( is_entry_referral( e ) ) {
		/* entry is an referral, don't allow operation */
		*text = "authorization entry is referral";
		rc = LDAP_OPERATIONS_ERROR;
		goto done;
	}

	{
		Modifications ml;
		struct berval vals[2];

		vals[0] = hash;
		vals[1].bv_val = NULL;

		ml.sml_desc = slap_schema.si_ad_userPassword;
		ml.sml_bvalues = vals;
		ml.sml_op = LDAP_MOD_REPLACE;
		ml.sml_next = NULL;

		rc = bdb_modify_internal( be, conn, op, ltid,
			&ml, e, text, textbuf, textlen );

		switch(rc) {
		case DB_LOCK_DEADLOCK:
		case DB_LOCK_NOTGRANTED:
			*text = NULL;
			bdb_entry_return( be, e );
			e = NULL;
			goto retry;
		case 0:
			break;
		default:
			rc = LDAP_OTHER;
			*text = "entry modify failed";
			goto done;
		}

		/* change the entry itself */
		rc = bdb_id2entry_update( be, ltid, e );
		if( rc != 0 ) {
			switch(rc) {
			case DB_LOCK_DEADLOCK:
			case DB_LOCK_NOTGRANTED:
				bdb_entry_return( be, e );
				e = NULL;
				goto retry;
			}
			*text = "entry update failed";
			rc = LDAP_OTHER;
		}

		if( bdb->bi_txn && rc == 0 ) {
			rc = txn_commit( ltid, 0 );
			ltid = NULL;
		}
		op->o_private = NULL;

		if( rc == LDAP_SUCCESS ) {
			replog( be, op, &e->e_name, &e->e_nname, &ml );
		}
	}

done:
	if( e != NULL ) {
		bdb_entry_return( be, e );
	}

	if( id.bv_val != NULL ) {
		free( id.bv_val );
	}

	if( new.bv_val != NULL ) {
		free( new.bv_val );
	}

	if( hash.bv_val != NULL ) {
		free( hash.bv_val );
	}

	if( ltid != NULL ) {
		txn_abort( ltid );
		op->o_private = NULL;
	}

	return rc;
}
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`/* passwd.c - bdb backend password routines */`
			`/* $OpenLDAP$ */`
			`/*`
			`* Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.`
			`* COPYING RESTRICTIONS APPLY, see COPYRIGHT file`
			`*/`

			`#include "portable.h"`

			`#include <stdio.h>`
			`#include <ac/string.h>`

			`#include "back-bdb.h"`
include external.h 2000-09-26 13:33:37 +08:00			`#include "external.h"`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
			`int`
			`bdb_exop_passwd(`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`Backend *be,`
			`Connection *conn,`
			`Operation *op,`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`const char *reqoid,`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`struct berval *reqdata,`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`char **rspoid,`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`struct berval **rspdata,`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`LDAPControl *** rspctrls,`
			`const char **text,`
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`BVarray *refs )`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`{`
			`struct bdb_info bdb = (struct bdb_info ) be->be_private;`
			`int rc;`
			`Entry *e = NULL;`
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`struct berval hash = { 0, NULL };`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`DB_TXN *ltid = NULL;`
			`struct bdb_op_info opinfo;`
Work in progress codes. !UNTESTED! 2001-06-15 15:08:37 +08:00			`char textbuf[SLAP_TEXT_BUFLEN];`
			`size_t textlen = sizeof textbuf;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`struct berval id = { 0, NULL };`
			`struct berval new = { 0, NULL };`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
Some more (incomplete) struct berval conversion 2001-12-27 07:26:17 +08:00			`struct berval *dn;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
			`assert( reqoid != NULL );`
			`assert( strcmp( LDAP_EXOP_X_MODIFY_PASSWD, reqoid ) == 0 );`

			`rc = slap_passwd_parse( reqdata,`
			`&id, NULL, &new, text );`

			`Debug( LDAP_DEBUG_ARGS, "==> bdb_exop_passwd: \"%s\"\n",`
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`id.bv_val ? id.bv_val : "", 0, 0 );`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
			`if( rc != LDAP_SUCCESS ) {`
			`goto done;`
			`}`

Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`if( new.bv_len == 0 ) {`
			`slap_passwd_generate(&new);`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`if( new.bv_len == 0 ) {`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`*text = "password generation failed.";`
			`rc = LDAP_OTHER;`
			`goto done;`
			`}`

Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`*rspdata = slap_passwd_return( &new );`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`}`

Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`slap_passwd_hash( &new, &hash );`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`if( hash.bv_len == 0 ) {`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`*text = "password hash failed";`
			`rc = LDAP_OTHER;`
			`goto done;`
			`}`

Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`dn = id.bv_val ? &id : &op->o_dn;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
fix up bdb_entry_return() calls 2000-09-28 10:27:49 +08:00			`Debug( LDAP_DEBUG_TRACE, "bdb_exop_passwd: \"%s\"%s\n",`
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`dn->bv_val, id.bv_val ? " (proxy)" : "", 0 );`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
Some more (incomplete) struct berval conversion 2001-12-27 07:26:17 +08:00			`if( dn->bv_len == 0 ) {`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`*text = "No password is associated with the Root DSE";`
			`rc = LDAP_OPERATIONS_ERROR;`
			`goto done;`
			`}`

Replace existing SLAP_MR_ matching flags with: SLAP_MR_ASSERTION_SYNTAX_MATCH SLAP_MR_VALUE_SYNTAX_MATCH SLAP_MR_VALUE_SYNTAX_CONVERTED_MATCH, add supporting evaluation macros, and update code as needed. Misc other code cleanup included. 2001-11-28 05:59:56 +08:00			`if( 0 ) {`
fix up bdb_entry_return() calls 2000-09-28 10:27:49 +08:00			`retry: /* transaction retry */`
			`Debug( LDAP_DEBUG_TRACE, "bdb_exop_passwd: retrying...\n", 0, 0, 0 );`
			`rc = txn_abort( ltid );`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`ltid = NULL;`
			`op->o_private = NULL;`
			`if( rc != 0 ) {`
			`rc = LDAP_OTHER;`
			`*text = "internal error";`
			`goto done;`
			`}`
			`}`

Misc code cleanup 2001-11-27 11:41:03 +08:00			`if( bdb->bi_txn ) {`
			`/* begin transaction */`
Added experimental support for DB_DIRTY_READ. 2001-11-28 11:11:04 +08:00			`rc = txn_begin( bdb->bi_dbenv, NULL, &ltid,`
			`bdb->bi_db_opflags );`
Misc code cleanup 2001-11-27 11:41:03 +08:00			`*text = NULL;`
			`if( rc != 0 ) {`
			`Debug( LDAP_DEBUG_TRACE,`
			`"bdb_exop_passwd: txn_begin failed: %s (%d)\n",`
			`db_strerror(rc), rc, 0 );`
			`rc = LDAP_OTHER;`
			`*text = "internal error";`
			`goto done;`
			`}`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`}`

			`opinfo.boi_bdb = be;`
			`opinfo.boi_txn = ltid;`
			`opinfo.boi_err = 0;`
			`op->o_private = &opinfo;`

			`/* get entry */`
			`rc = bdb_dn2entry( be, ltid, dn, &e, NULL, 0 );`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
			`switch(rc) {`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`case DB_LOCK_DEADLOCK:`
			`case DB_LOCK_NOTGRANTED:`
			`goto retry;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`case DB_NOTFOUND:`
			`case 0:`
			`break;`
			`default:`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`rc = LDAP_OTHER;`
			`*text = "internal error";`
			`goto done;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`}`

			`if( e == NULL ) {`
			`*text = "could not locate authorization entry";`
Adjust result code when entry is not found to noSuchObject 2000-10-12 02:19:26 +08:00			`rc = LDAP_NO_SUCH_OBJECT;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`goto done;`
			`}`

			`if( is_entry_alias( e ) ) {`
			`/* entry is an alias, don't allow operation */`
			`*text = "authorization entry is alias";`
			`rc = LDAP_ALIAS_PROBLEM;`
			`goto done;`
			`}`


			`if( is_entry_referral( e ) ) {`
			`/* entry is an referral, don't allow operation */`
			`*text = "authorization entry is referral";`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`rc = LDAP_OPERATIONS_ERROR;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`goto done;`
			`}`

			`{`
			`Modifications ml;`
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`struct berval vals[2];`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
			`vals[0] = hash;`
Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`vals[1].bv_val = NULL;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
			`ml.sml_desc = slap_schema.si_ad_userPassword;`
			`ml.sml_bvalues = vals;`
			`ml.sml_op = LDAP_MOD_REPLACE;`
			`ml.sml_next = NULL;`

Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`rc = bdb_modify_internal( be, conn, op, ltid,`
Work in progress codes. !UNTESTED! 2001-06-15 15:08:37 +08:00			`&ml, e, text, textbuf, textlen );`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00
			`switch(rc) {`
			`case DB_LOCK_DEADLOCK:`
			`case DB_LOCK_NOTGRANTED:`
Work in progress codes. !UNTESTED! 2001-06-15 15:08:37 +08:00			`*text = NULL;`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`bdb_entry_return( be, e );`
			`e = NULL;`
			`goto retry;`
			`case 0:`
			`break;`
			`default:`
			`rc = LDAP_OTHER;`
			`*text = "entry modify failed";`
			`goto done;`
			`}`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
FIx up replog calls, add replog call to bdb passwd 2001-12-26 02:20:35 +08:00			`/* change the entry itself */`
			`rc = bdb_id2entry_update( be, ltid, e );`
			`if( rc != 0 ) {`
			`switch(rc) {`
			`case DB_LOCK_DEADLOCK:`
			`case DB_LOCK_NOTGRANTED:`
			`bdb_entry_return( be, e );`
			`e = NULL;`
			`goto retry;`
			`}`
			`*text = "entry update failed";`
			`rc = LDAP_OTHER;`
			`}`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00
FIx up replog calls, add replog call to bdb passwd 2001-12-26 02:20:35 +08:00			`if( bdb->bi_txn && rc == 0 ) {`
			`rc = txn_commit( ltid, 0 );`
			`ltid = NULL;`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`}`
FIx up replog calls, add replog call to bdb passwd 2001-12-26 02:20:35 +08:00			`op->o_private = NULL;`
Misc code cleanup 2001-11-27 11:41:03 +08:00
FIx up replog calls, add replog call to bdb passwd 2001-12-26 02:20:35 +08:00			`if( rc == LDAP_SUCCESS ) {`
			`replog( be, op, &e->e_name, &e->e_nname, &ml );`
			`}`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`}`
Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`done:`
			`if( e != NULL ) {`
			`bdb_entry_return( be, e );`
			`}`

Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`if( id.bv_val != NULL ) {`
			`free( id.bv_val );`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`}`

Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`if( new.bv_val != NULL ) {`
			`free( new.bv_val );`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`}`

Change struct berval ** to BVarray 2002-01-02 19:00:36 +08:00			`if( hash.bv_val != NULL ) {`
			`free( hash.bv_val );`
Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`}`

Rough in extended ops, modify, and modrdn. General code cleanup. 2000-09-28 06:28:59 +08:00			`if( ltid != NULL ) {`
			`txn_abort( ltid );`
			`op->o_private = NULL;`
			`}`

Rough in passwd and referral routines add diag and fix a few idl bugs 2000-09-26 11:47:56 +08:00			`return rc;`
			`}`