diff --git a/include/slapi-plugin.h b/include/slapi-plugin.h index a59e7a9d3f..5598dcc4cb 100644 --- a/include/slapi-plugin.h +++ b/include/slapi-plugin.h @@ -528,7 +528,8 @@ int slapi_x_backend_get_flags( const Slapi_Backend *be, unsigned long *flags ); #define SLAPI_X_CONN_SSF 1303 #define SLAPI_X_CONN_SASL_CONTEXT 1304 #define SLAPI_X_OPERATION_DELETE_GLUE_PARENT 1305 -#define SLAPI_X_MANAGEDIT 1306 +#define SLAPI_X_RELAX 1306 +#define SLAPI_X_MANAGEDIT SLAPI_X_RELAX #define SLAPI_X_OPERATION_NO_SCHEMA_CHECK 1307 #define SLAPI_X_ADD_STRUCTURAL_CLASS 1308 #define SLAPI_X_OPERATION_NO_SUBORDINATE_GLUE 1309 diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index f3959b3ed5..7b1c4a0854 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -354,7 +354,7 @@ access_allowed_mask( { access = ACL_AUTH; - } else if ( get_manageDIT( op ) && access_level == ACL_WRITE && + } else if ( get_relax( op ) && access_level == ACL_WRITE && desc == slap_schema.si_ad_entry ) { access = ACL_MANAGE; diff --git a/servers/slapd/back-bdb/add.c b/servers/slapd/back-bdb/add.c index 1c7be0387e..83a809e574 100644 --- a/servers/slapd/back-bdb/add.c +++ b/servers/slapd/back-bdb/add.c @@ -97,7 +97,7 @@ txnReturn: /* check entry's schema */ rs->sr_err = entry_schema_check( op, op->oq_add.rs_e, NULL, - get_manageDIT(op), &rs->sr_text, textbuf, textlen ); + get_relax(op), &rs->sr_text, textbuf, textlen ); if ( rs->sr_err != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_add) ": entry failed schema check: " diff --git a/servers/slapd/back-bdb/modify.c b/servers/slapd/back-bdb/modify.c index 9967bdb806..76cf27bab8 100644 --- a/servers/slapd/back-bdb/modify.c +++ b/servers/slapd/back-bdb/modify.c @@ -205,7 +205,7 @@ int bdb_modify_internal( } /* check that the entry still obeys the schema */ - rc = entry_schema_check( op, e, save_attrs, get_manageDIT(op), + rc = entry_schema_check( op, e, save_attrs, get_relax(op), text, textbuf, textlen ); if ( rc != LDAP_SUCCESS || op->o_noop ) { attrs_free( e->e_attrs ); diff --git a/servers/slapd/back-ldap/add.c b/servers/slapd/back-ldap/add.c index e79f847bc6..1989a5b608 100644 --- a/servers/slapd/back-ldap/add.c +++ b/servers/slapd/back-ldap/add.c @@ -71,7 +71,7 @@ ldap_back_add( isupdate = be_shadow_update( op ); for ( i = 0, a = op->oq_add.rs_e->e_attrs; a; a = a->a_next ) { - if ( !isupdate && !get_manageDIT( op ) && a->a_desc->ad_type->sat_no_user_mod ) + if ( !isupdate && !get_relax( op ) && a->a_desc->ad_type->sat_no_user_mod ) { continue; } diff --git a/servers/slapd/back-ldap/modify.c b/servers/slapd/back-ldap/modify.c index 7e6e7ecad5..648dc18a0d 100644 --- a/servers/slapd/back-ldap/modify.c +++ b/servers/slapd/back-ldap/modify.c @@ -66,7 +66,7 @@ ldap_back_modify( isupdate = be_shadow_update( op ); for ( i = 0, ml = op->oq_modify.rs_modlist; ml; ml = ml->sml_next ) { - if ( !isupdate && !get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod ) + if ( !isupdate && !get_relax( op ) && ml->sml_desc->ad_type->sat_no_user_mod ) { continue; } diff --git a/servers/slapd/back-meta/add.c b/servers/slapd/back-meta/add.c index 6ff7a9c81e..311b6d2f04 100644 --- a/servers/slapd/back-meta/add.c +++ b/servers/slapd/back-meta/add.c @@ -86,7 +86,7 @@ meta_back_add( Operation *op, SlapReply *rs ) for ( i = 0, a = op->ora_e->e_attrs; a; a = a->a_next ) { int j, is_oc = 0; - if ( !isupdate && !get_manageDIT( op ) && a->a_desc->ad_type->sat_no_user_mod ) + if ( !isupdate && !get_relax( op ) && a->a_desc->ad_type->sat_no_user_mod ) { continue; } diff --git a/servers/slapd/back-meta/modify.c b/servers/slapd/back-meta/modify.c index 6d1c3732f6..bde4dd220a 100644 --- a/servers/slapd/back-meta/modify.c +++ b/servers/slapd/back-meta/modify.c @@ -92,7 +92,7 @@ meta_back_modify( Operation *op, SlapReply *rs ) for ( i = 0, ml = op->orm_modlist; ml; ml = ml->sml_next ) { int j, is_oc = 0; - if ( !isupdate && !get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod ) + if ( !isupdate && !get_relax( op ) && ml->sml_desc->ad_type->sat_no_user_mod ) { continue; } diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index 514a919a68..65ec9a7829 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -867,10 +867,9 @@ backend_check_controls( } } - /* temporarily removed */ -#if 0 +#if 0 /* temporarily removed */ /* check should be generalized */ - if( get_manageDIT(op) && !be_isroot(op)) { + if( get_relax(op) && !be_isroot(op)) { rs->sr_text = "requires manager authorization"; rs->sr_err = LDAP_UNWILLING_TO_PERFORM; } diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c index 857a13e573..b6c356e741 100644 --- a/servers/slapd/controls.c +++ b/servers/slapd/controls.c @@ -25,27 +25,24 @@ #include "../../libraries/liblber/lber-int.h" static SLAP_CTRL_PARSE_FN parseAssert; -static SLAP_CTRL_PARSE_FN parsePreRead; -static SLAP_CTRL_PARSE_FN parsePostRead; -static SLAP_CTRL_PARSE_FN parseProxyAuthz; +static SLAP_CTRL_PARSE_FN parseDomainScope; static SLAP_CTRL_PARSE_FN parseDontUseCopy; -#ifdef SLAP_RELAX -static SLAP_CTRL_PARSE_FN parseManageDIT; -#endif static SLAP_CTRL_PARSE_FN parseManageDSAit; static SLAP_CTRL_PARSE_FN parseNoOp; static SLAP_CTRL_PARSE_FN parsePagedResults; +static SLAP_CTRL_PARSE_FN parsePermissiveModify; +static SLAP_CTRL_PARSE_FN parsePreRead, parsePostRead; +static SLAP_CTRL_PARSE_FN parseProxyAuthz; +static SLAP_CTRL_PARSE_FN parseRelax; +static SLAP_CTRL_PARSE_FN parseSearchOptions; #ifdef SLAP_SORTEDRESULTS static SLAP_CTRL_PARSE_FN parseSortedResults; #endif -static SLAP_CTRL_PARSE_FN parseValuesReturnFilter; -static SLAP_CTRL_PARSE_FN parsePermissiveModify; -static SLAP_CTRL_PARSE_FN parseDomainScope; +static SLAP_CTRL_PARSE_FN parseSubentries; #ifdef SLAP_CONTROL_X_TREE_DELETE static SLAP_CTRL_PARSE_FN parseTreeDelete; #endif -static SLAP_CTRL_PARSE_FN parseSearchOptions; -static SLAP_CTRL_PARSE_FN parseSubentries; +static SLAP_CTRL_PARSE_FN parseValuesReturnFilter; #undef sc_mask /* avoid conflict with Irix 6.5 */ @@ -177,13 +174,11 @@ static struct slap_control control_defs[] = { SLAP_CTRL_ACCESS|SLAP_CTRL_HIDE, NULL, NULL, parseNoOp, LDAP_SLIST_ENTRY_INITIALIZER(next) }, -#ifdef SLAP_RELAX { LDAP_CONTROL_RELAX, - (int)offsetof(struct slap_control_ids, sc_manageDIT), + (int)offsetof(struct slap_control_ids, sc_relax), SLAP_CTRL_GLOBAL|SLAP_CTRL_UPDATE|SLAP_CTRL_HIDE, NULL, NULL, - parseManageDIT, LDAP_SLIST_ENTRY_INITIALIZER(next) }, -#endif + parseRelax, LDAP_SLIST_ENTRY_INITIALIZER(next) }, #ifdef LDAP_X_TXN { LDAP_CONTROL_X_TXN_SPEC, (int)offsetof(struct slap_control_ids, sc_txnSpec), @@ -868,13 +863,12 @@ static int parseDontUseCopy ( return LDAP_SUCCESS; } -#ifdef SLAP_RELAX -static int parseManageDIT ( +static int parseRelax ( Operation *op, SlapReply *rs, LDAPControl *ctrl ) { - if ( op->o_managedit != SLAP_CONTROL_NONE ) { + if ( op->o_relax != SLAP_CONTROL_NONE ) { rs->sr_text = "relax control specified multiple times"; return LDAP_PROTOCOL_ERROR; } @@ -884,13 +878,12 @@ static int parseManageDIT ( return LDAP_PROTOCOL_ERROR; } - op->o_managedit = ctrl->ldctl_iscritical + op->o_relax = ctrl->ldctl_iscritical ? SLAP_CONTROL_CRITICAL : SLAP_CONTROL_NONCRITICAL; return LDAP_SUCCESS; } -#endif static int parseManageDSAit ( Operation *op, diff --git a/servers/slapd/modify.c b/servers/slapd/modify.c index dc2af62473..bab4bb0ffd 100644 --- a/servers/slapd/modify.c +++ b/servers/slapd/modify.c @@ -442,7 +442,7 @@ slap_mods_obsolete_check( char *textbuf, size_t textlen ) { - if( get_manageDIT( op ) ) return LDAP_SUCCESS; + if( get_relax( op ) ) return LDAP_SUCCESS; for ( ; ml != NULL; ml = ml->sml_next ) { if ( is_at_obsolete( ml->sml_desc->ad_type ) && @@ -481,7 +481,7 @@ slap_mods_no_user_mod_check( continue; } - if ( get_manageDIT( op ) ) { + if ( get_relax( op ) ) { if ( ml->sml_desc->ad_type->sat_flags & SLAP_AT_MANAGEABLE ) { ml->sml_flags |= SLAP_MOD_MANAGING; continue; diff --git a/servers/slapd/overlays/dds.c b/servers/slapd/overlays/dds.c index 137712b8ca..369cbd075e 100644 --- a/servers/slapd/overlays/dds.c +++ b/servers/slapd/overlays/dds.c @@ -694,7 +694,7 @@ done:; if ( rs->sr_err == LDAP_SUCCESS ) { int rc; - /* FIXME: this could be allowed when manageDIT is used... + /* FIXME: this could be allowed when the Relax control is used... * in that case: * * TODO @@ -713,7 +713,7 @@ done:; rc = is_dynamicObject - was_dynamicObject; if ( rc ) { #if 0 /* fix subordinate issues first */ - if ( get_manageDIT( op ) ) { + if ( get_relax( op ) ) { switch ( rc ) { case -1: /* need to delete entryTtl to have a consistent entry */ @@ -1077,7 +1077,7 @@ dds_op_extended( Operation *op, SlapReply *rs ) } /* we require manage privileges on the entryTtl, - * and fake a manageDIT control */ + * and fake a Relax control */ op2.o_tag = LDAP_REQ_MODIFY; op2.o_bd = &db; db.bd_info = (BackendInfo *)on->on_info; @@ -1085,7 +1085,7 @@ dds_op_extended( Operation *op, SlapReply *rs ) sc.sc_response = slap_replog_cb; sc.sc_next = &sc2; sc2.sc_response = slap_null_cb; - op2.o_managedit = SLAP_CONTROL_CRITICAL; + op2.o_relax = SLAP_CONTROL_CRITICAL; op2.orm_modlist = &ttlmod; ttlmod.sml_op = LDAP_MOD_REPLACE; diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c index cc5066ffa7..c68c0e9a8b 100644 --- a/servers/slapd/overlays/ppolicy.c +++ b/servers/slapd/overlays/ppolicy.c @@ -122,7 +122,7 @@ static struct schema_info { "SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 " "SINGLE-VALUE " #if 0 - /* Not until MANAGEDIT control is released */ + /* Not until Relax control is released */ "NO-USER-MODIFICATION " #endif "USAGE directoryOperation )", @@ -163,7 +163,7 @@ static struct schema_info { "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 " "SINGLE-VALUE " #if 0 - /* Not until MANAGEDIT control is released */ + /* Not until Relax control is released */ "NO-USER-MODIFICATION " #endif "USAGE directoryOperation )", diff --git a/servers/slapd/overlays/rwm.c b/servers/slapd/overlays/rwm.c index 2e07c98104..7948927b87 100644 --- a/servers/slapd/overlays/rwm.c +++ b/servers/slapd/overlays/rwm.c @@ -157,7 +157,7 @@ rwm_op_add( Operation *op, SlapReply *rs ) } } - } else if ( !isupdate && !get_manageDIT( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod ) + } else if ( !isupdate && !get_relax( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod ) { goto next_attr; @@ -441,7 +441,7 @@ rwm_op_modify( Operation *op, SlapReply *rs ) { is_oc = 1; - } else if ( !isupdate && !get_manageDIT( op ) && (*mlp)->sml_desc->ad_type->sat_no_user_mod ) + } else if ( !isupdate && !get_relax( op ) && (*mlp)->sml_desc->ad_type->sat_no_user_mod ) { goto next_mod; @@ -988,7 +988,7 @@ rwm_attrs( Operation *op, SlapReply *rs, Attribute** a_first, int stripEntryDN ) } } else if ( !isupdate - && !get_manageDIT( op ) + && !get_relax( op ) && (*ap)->a_desc->ad_type->sat_no_user_mod && (*ap)->a_desc->ad_type != slap_schema.si_at_undefined ) { diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 9e0bec8193..75100eb8fc 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -2295,7 +2295,6 @@ struct slap_control_ids { int sc_assert; int sc_domainScope; int sc_dontUseCopy; - int sc_manageDIT; int sc_manageDSAit; int sc_modifyIncrement; int sc_noOp; @@ -2304,6 +2303,7 @@ struct slap_control_ids { int sc_postRead; int sc_preRead; int sc_proxyAuthz; + int sc_relax; int sc_searchOptions; #ifdef SLAP_SORTEDRESULTS int sc_sortedResults; @@ -2466,8 +2466,8 @@ typedef struct slap_op { #define o_dontUseCopy o_ctrlflag[slap_cids.sc_dontUseCopy] #define get_dontUseCopy(op) _SCM((op)->o_dontUseCopy) -#define o_managedit o_ctrlflag[slap_cids.sc_manageDIT] -#define get_manageDIT(op) _SCM((op)->o_managedit) +#define o_relax o_ctrlflag[slap_cids.sc_relax] +#define get_relax(op) _SCM((op)->o_relax) #define o_managedsait o_ctrlflag[slap_cids.sc_manageDSAit] #define get_manageDSAit(op) _SCM((op)->o_managedsait) @@ -2775,7 +2775,7 @@ typedef struct slap_counters_t { #define SLAP_CTRL_HIDE 0x80000000U #endif -#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for ManageDIT */ +#define SLAP_CTRL_REQUIRES_ROOT 0x40000000U /* for Relax */ #define SLAP_CTRL_GLOBAL 0x00800000U #define SLAP_CTRL_GLOBAL_SEARCH 0x00010000U /* for NOOP */ diff --git a/servers/slapd/slapi/slapi_pblock.c b/servers/slapd/slapi/slapi_pblock.c index ab75cd6783..bdf0e167ea 100644 --- a/servers/slapd/slapi/slapi_pblock.c +++ b/servers/slapd/slapi/slapi_pblock.c @@ -64,7 +64,7 @@ pblock_get_param_class( int param ) case SLAPI_DB2LDIF_PRINTKEY: case SLAPI_LDIF2DB_REMOVEDUPVALS: case SLAPI_MANAGEDSAIT: - case SLAPI_X_MANAGEDIT: + case SLAPI_X_RELAX: case SLAPI_X_OPERATION_NO_SCHEMA_CHECK: case SLAPI_IS_REPLICATED_OPERATION: case SLAPI_X_CONN_IS_UDP: @@ -519,9 +519,9 @@ pblock_get( Slapi_PBlock *pb, int param, void **value ) PBLOCK_ASSERT_OP( pb, 0 ); *((int *)value) = get_manageDSAit( pb->pb_op ); break; - case SLAPI_X_MANAGEDIT: + case SLAPI_X_RELAX: PBLOCK_ASSERT_OP( pb, 0 ); - *((int *)value) = get_manageDIT( pb->pb_op ); + *((int *)value) = get_relax( pb->pb_op ); break; case SLAPI_BACKEND: PBLOCK_ASSERT_OP( pb, 0 ); @@ -924,9 +924,9 @@ pblock_set( Slapi_PBlock *pb, int param, void *value ) PBLOCK_ASSERT_OP( pb, 0 ); pb->pb_op->o_managedsait = *((int *)value); break; - case SLAPI_X_MANAGEDIT: + case SLAPI_X_RELAX: PBLOCK_ASSERT_OP( pb, 0 ); - pb->pb_op->o_managedit = *((int *)value); + pb->pb_op->o_relax = *((int *)value); break; case SLAPI_BACKEND: PBLOCK_ASSERT_OP( pb, 0 );