openldap/servers/slapd/back-ldap/modify.c

/* modify.c - ldap backend modify function */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
 * Copyright 1999-2005 The OpenLDAP Foundation.
 * Portions Copyright 1999-2003 Howard Chu.
 * Portions Copyright 2000-2003 Pierangelo Masarati.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP
 * Public License.
 *
 * A copy of this license is available in the file LICENSE in the
 * top-level directory of the distribution or, alternatively, at
 * <http://www.OpenLDAP.org/license.html>.
 */
/* ACKNOWLEDGEMENTS:
 * This work was initially developed by the Howard Chu for inclusion
 * in OpenLDAP Software and subsequently enhanced by Pierangelo
 * Masarati.
 */

#include "portable.h"

#include <stdio.h>

#include <ac/string.h>
#include <ac/socket.h>

#include "slap.h"
#include "back-ldap.h"

int
ldap_back_modify(
		Operation	*op,
		SlapReply	*rs )
{
	struct ldapconn	*lc;
	LDAPMod		**modv = NULL,
			*mods = NULL;
	Modifications	*ml;
	int		i, j, rc;
	ber_int_t	msgid;
	int		isupdate;
	int		do_retry = 1;
	LDAPControl	**ctrls = NULL;

	lc = ldap_back_getconn( op, rs, LDAP_BACK_SENDERR );
	if ( !lc || !ldap_back_dobind( lc, op, rs, LDAP_BACK_SENDERR ) ) {
		return rs->sr_err;
	}

	for ( i = 0, ml = op->oq_modify.rs_modlist; ml; i++, ml = ml->sml_next )
		/* just count mods */ ;

	modv = (LDAPMod **)ch_malloc( ( i + 1 )*sizeof( LDAPMod * )
			+ i*sizeof( LDAPMod ) );
	if ( modv == NULL ) {
		rc = LDAP_NO_MEMORY;
		goto cleanup;
	}
	mods = (LDAPMod *)&modv[ i + 1 ];

	isupdate = be_shadow_update( op );
	for ( i = 0, ml = op->oq_modify.rs_modlist; ml; ml = ml->sml_next ) {
		if ( !isupdate && !!get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod  )
		{
			continue;
		}

		modv[ i ] = &mods[ i ];
		mods[ i ].mod_op = ( ml->sml_op | LDAP_MOD_BVALUES );
		mods[ i ].mod_type = ml->sml_desc->ad_cname.bv_val;

		if ( ml->sml_values != NULL ) {
			if ( ml->sml_values == NULL ) {	
				continue;
			}

			for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ )
				/* just count mods */ ;
			mods[ i ].mod_bvalues =
				(struct berval **)ch_malloc( ( j + 1 )*sizeof( struct berval * ) );
			for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ )
			{
				mods[ i ].mod_bvalues[ j ] = &ml->sml_values[ j ];
			}
			mods[ i ].mod_bvalues[ j ] = NULL;

		} else {
			mods[ i ].mod_bvalues = NULL;
		}

		i++;
	}
	modv[ i ] = 0;

	ctrls = op->o_ctrls;
	rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
	if ( rc != LDAP_SUCCESS ) {
		send_ldap_result( op, rs );
		rc = -1;
		goto cleanup;
	}

retry:
	rs->sr_err = ldap_modify_ext( lc->lc_ld, op->o_req_ndn.bv_val, modv,
			ctrls, NULL, &msgid );
	rc = ldap_back_op_result( lc, op, rs, msgid, LDAP_BACK_SENDRESULT );
	if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
		do_retry = 0;
		if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {
			goto retry;
		}
	}

cleanup:;
	(void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );

	for ( i = 0; modv[ i ]; i++ ) {
		ch_free( modv[ i ]->mod_bvalues );
	}
	ch_free( modv );

	if ( lc != NULL ) {
		ldap_back_release_conn( op, rs, lc );
	}

	return rc;
}
For ITS#157: Added LDAP backend for slapd, which also required adding LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c. 1999-05-26 10:35:20 +08:00			`/* modify.c - ldap backend modify function */`
Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. Replace old Id as needed (back-tcl). Leave updating of contribWare to contributors (for now). 1999-09-09 03:06:24 +08:00			`/* $OpenLDAP$ */`
notices and acknowledges 2003-11-27 14:35:14 +08:00			`/* This work is part of OpenLDAP Software <http://www.openldap.org/>.`
			`*`
Happy New Year! 2005-01-02 04:49:32 +08:00			`* Copyright 1999-2005 The OpenLDAP Foundation.`
notices and acknowledgements 2003-12-09 01:41:40 +08:00			`* Portions Copyright 1999-2003 Howard Chu.`
			`* Portions Copyright 2000-2003 Pierangelo Masarati.`
notices and acknowledges 2003-11-27 14:35:14 +08:00			`* All rights reserved.`
			`*`
			`* Redistribution and use in source and binary forms, with or without`
			`* modification, are permitted only as authorized by the OpenLDAP`
			`* Public License.`
			`*`
			`* A copy of this license is available in the file LICENSE in the`
			`* top-level directory of the distribution or, alternatively, at`
			`* <http://www.OpenLDAP.org/license.html>.`
			`*/`
			`/* ACKNOWLEDGEMENTS:`
			`* This work was initially developed by the Howard Chu for inclusion`
			`* in OpenLDAP Software and subsequently enhanced by Pierangelo`
			`* Masarati.`
Mark as "altered version" 2001-01-17 15:09:22 +08:00			`*/`
For ITS#157: Added LDAP backend for slapd, which also required adding LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c. 1999-05-26 10:35:20 +08:00
			`#include "portable.h"`

			`#include <stdio.h>`

			`#include <ac/string.h>`
			`#include <ac/socket.h>`

			`#include "slap.h"`
			`#include "back-ldap.h"`

			`int`
			`ldap_back_modify(`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`Operation *op,`
			`SlapReply *rs )`
For ITS#157: Added LDAP backend for slapd, which also required adding LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c. 1999-05-26 10:35:20 +08:00			`{`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`struct ldapconn *lc;`
			`LDAPMod **modv = NULL,`
			`*mods = NULL;`
			`Modifications *ml;`
			`int i, j, rc;`
			`ber_int_t msgid;`
			`int isupdate;`
			`int do_retry = 1;`
			`LDAPControl **ctrls = NULL;`

StartTLS (ITS#3507) + chain overlay fixes and improvements 2005-01-24 17:38:11 +08:00			`lc = ldap_back_getconn( op, rs, LDAP_BACK_SENDERR );`
			`if ( !lc \|\| !ldap_back_dobind( lc, op, rs, LDAP_BACK_SENDERR ) ) {`
remove unrequired member; address ITS#3913 2005-08-03 06:48:30 +08:00			`return rs->sr_err;`
For ITS#157: Added LDAP backend for slapd, which also required adding LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c. 1999-05-26 10:35:20 +08:00			`}`

remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`for ( i = 0, ml = op->oq_modify.rs_modlist; ml; i++, ml = ml->sml_next )`
			`/* just count mods */ ;`
For ITS#157: Added LDAP backend for slapd, which also required adding LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c. 1999-05-26 10:35:20 +08:00
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`modv = (LDAPMod *)ch_malloc( ( i + 1 )sizeof( LDAPMod * )`
			`+ i*sizeof( LDAPMod ) );`
			`if ( modv == NULL ) {`
set return code 2003-03-04 05:32:58 +08:00			`rc = LDAP_NO_MEMORY;`
This is the commit of: - librewrite, for string rewriting; it may be used in back-ldap by configuring with '--enable-rewrite'. It must be used in back-meta. There's a text file, 'libraries/librewrite/RATIONALE', that explains the usage and the features. More comprehensive documentation will follow. - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137) including dn rewriting, a fix to group acl matching and so - back-meta: a new backend that proxies a set of remote servers by spawning queries. It uses portions of back-ldap and the rewrite capabilities of librewrite. It can be compiled by configuring with `--enable-ldap --enable-rewrite --enable-meta'. There's a text file, 'servers/slapd/back-meta/Documentation', that describes the main features and config statements. Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as my autoconf version must be different: my configures contain a number of differences and I didn't feel comfortable in adding them :) 2001-05-12 08:51:28 +08:00			`goto cleanup;`
Updated for schemas. 2000-06-06 12:24:11 +08:00			`}`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`mods = (LDAPMod *)&modv[ i + 1 ];`
allow no-user-modification propagations if back-ldap is used for replication (i.e. updatedn is defined) 2004-02-17 20:39:42 +08:00
first round of SHADOW flags/isupdate test unification 2004-04-10 18:00:58 +08:00			`isupdate = be_shadow_update( op );`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`for ( i = 0, ml = op->oq_modify.rs_modlist; ml; ml = ml->sml_next ) {`
allow noUserMod attrs write proxying when manageDIT is set (still to work in frontend for add) 2005-08-18 03:40:02 +08:00			`if ( !isupdate && !!get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod )`
			`{`
add server side controls to back-ldap and back-meta 2002-08-29 22:39:31 +08:00			`continue;`
			`}`

remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`modv[ i ] = &mods[ i ];`
			`mods[ i ].mod_op = ( ml->sml_op \| LDAP_MOD_BVALUES );`
			`mods[ i ].mod_type = ml->sml_desc->ad_cname.bv_val;`
group rewrite/map stuff in one structure and optimize more function calls 2003-04-08 00:52:59 +08:00
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`if ( ml->sml_values != NULL ) {`
			`if ( ml->sml_values == NULL ) {`
group rewrite/map stuff in one structure and optimize more function calls 2003-04-08 00:52:59 +08:00			`continue;`
			`}`
This is the commit of: - librewrite, for string rewriting; it may be used in back-ldap by configuring with '--enable-rewrite'. It must be used in back-meta. There's a text file, 'libraries/librewrite/RATIONALE', that explains the usage and the features. More comprehensive documentation will follow. - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137) including dn rewriting, a fix to group acl matching and so - back-meta: a new backend that proxies a set of remote servers by spawning queries. It uses portions of back-ldap and the rewrite capabilities of librewrite. It can be compiled by configuring with `--enable-ldap --enable-rewrite --enable-meta'. There's a text file, 'servers/slapd/back-meta/Documentation', that describes the main features and config statements. Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as my autoconf version must be different: my configures contain a number of differences and I didn't feel comfortable in adding them :) 2001-05-12 08:51:28 +08:00
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ )`
			`/* just count mods */ ;`
			`mods[ i ].mod_bvalues =`
			`(struct berval *)ch_malloc( ( j + 1 )sizeof( struct berval * ) );`
			`for ( j = 0; !BER_BVISNULL( &ml->sml_values[ j ] ); j++ )`
			`{`
			`mods[ i ].mod_bvalues[ j ] = &ml->sml_values[ j ];`
group rewrite/map stuff in one structure and optimize more function calls 2003-04-08 00:52:59 +08:00			`}`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`mods[ i ].mod_bvalues[ j ] = NULL;`
fix attribute delete (ITS#2158) patch provided by Timofey B. Nickonov <ntb@mts.ru> 2002-11-03 00:00:21 +08:00
			`} else {`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`mods[ i ].mod_bvalues = NULL;`
fix attribute delete (ITS#2158) patch provided by Timofey B. Nickonov <ntb@mts.ru> 2002-11-03 00:00:21 +08:00			`}`

This is the commit of: - librewrite, for string rewriting; it may be used in back-ldap by configuring with '--enable-rewrite'. It must be used in back-meta. There's a text file, 'libraries/librewrite/RATIONALE', that explains the usage and the features. More comprehensive documentation will follow. - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137) including dn rewriting, a fix to group acl matching and so - back-meta: a new backend that proxies a set of remote servers by spawning queries. It uses portions of back-ldap and the rewrite capabilities of librewrite. It can be compiled by configuring with `--enable-ldap --enable-rewrite --enable-meta'. There's a text file, 'servers/slapd/back-meta/Documentation', that describes the main features and config statements. Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as my autoconf version must be different: my configures contain a number of differences and I didn't feel comfortable in adding them :) 2001-05-12 08:51:28 +08:00			`i++;`
Updated for schemas. 2000-06-06 12:24:11 +08:00			`}`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`modv[ i ] = 0;`
Pierangelo Masarati's bugfixes and enhancements for suffix-massaging. See the Changes file for detailed description. 2001-01-20 05:27:20 +08:00
add idassert code (undocumented yet) 2004-05-14 04:25:53 +08:00			`ctrls = op->o_ctrls;`
add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 16:04:51 +08:00			`rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );`
			`if ( rc != LDAP_SUCCESS ) {`
Add a retry for failed connections 2004-10-01 19:16:38 +08:00			`send_ldap_result( op, rs );`
			`rc = -1;`
add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 16:04:51 +08:00			`goto cleanup;`
			`}`

Add a retry for failed connections 2004-10-01 19:16:38 +08:00			`retry:`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`rs->sr_err = ldap_modify_ext( lc->lc_ld, op->o_req_ndn.bv_val, modv,`
add idassert code (undocumented yet) 2004-05-14 04:25:53 +08:00			`ctrls, NULL, &msgid );`
StartTLS (ITS#3507) + chain overlay fixes and improvements 2005-01-24 17:38:11 +08:00			`rc = ldap_back_op_result( lc, op, rs, msgid, LDAP_BACK_SENDRESULT );`
Add a retry for failed connections 2004-10-01 19:16:38 +08:00			`if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {`
			`do_retry = 0;`
StartTLS (ITS#3507) + chain overlay fixes and improvements 2005-01-24 17:38:11 +08:00			`if ( ldap_back_retry( lc, op, rs, LDAP_BACK_SENDERR ) ) {`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`goto retry;`
			`}`
Add a retry for failed connections 2004-10-01 19:16:38 +08:00			`}`
This is the commit of: - librewrite, for string rewriting; it may be used in back-ldap by configuring with '--enable-rewrite'. It must be used in back-meta. There's a text file, 'libraries/librewrite/RATIONALE', that explains the usage and the features. More comprehensive documentation will follow. - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137) including dn rewriting, a fix to group acl matching and so - back-meta: a new backend that proxies a set of remote servers by spawning queries. It uses portions of back-ldap and the rewrite capabilities of librewrite. It can be compiled by configuring with `--enable-ldap --enable-rewrite --enable-meta'. There's a text file, 'servers/slapd/back-meta/Documentation', that describes the main features and config statements. Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as my autoconf version must be different: my configures contain a number of differences and I didn't feel comfortable in adding them :) 2001-05-12 08:51:28 +08:00
semicolon after colon in goto labels 2001-06-03 16:53:13 +08:00			`cleanup:;`
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`(void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );`
add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 16:04:51 +08:00
remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 22:43:30 +08:00			`for ( i = 0; modv[ i ]; i++ ) {`
			`ch_free( modv[ i ]->mod_bvalues );`
set return code 2003-03-04 05:32:58 +08:00			`}`
			`ch_free( modv );`

seems to definitely fix issues related to ITS#3808 2005-06-30 00:38:09 +08:00			`if ( lc != NULL ) {`
			`ldap_back_release_conn( op, rs, lc );`
			`}`

Add a retry for failed connections 2004-10-01 19:16:38 +08:00			`return rc;`
For ITS#157: Added LDAP backend for slapd, which also required adding LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c. 1999-05-26 10:35:20 +08:00			`}`
This is the commit of: - librewrite, for string rewriting; it may be used in back-ldap by configuring with '--enable-rewrite'. It must be used in back-meta. There's a text file, 'libraries/librewrite/RATIONALE', that explains the usage and the features. More comprehensive documentation will follow. - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137) including dn rewriting, a fix to group acl matching and so - back-meta: a new backend that proxies a set of remote servers by spawning queries. It uses portions of back-ldap and the rewrite capabilities of librewrite. It can be compiled by configuring with `--enable-ldap --enable-rewrite --enable-meta'. There's a text file, 'servers/slapd/back-meta/Documentation', that describes the main features and config statements. Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as my autoconf version must be different: my configures contain a number of differences and I didn't feel comfortable in adding them :) 2001-05-12 08:51:28 +08:00