ldap/servers/plugins/referint/referint.c | 38 +++++++++++++++----------------
ldap/servers/slapd/ldaputil.c | 37 +++++++++++++++++-------------
2 files changed, 41 insertions(+), 34 deletions(-)
New commits:
commit 69ce800b670e1e9ecd9ccaf0a8920245d3d98337
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Jul 9 15:24:25 2012 -0600
Ticket #405 - referint modrdn not working if case is different
https://fedorahosted.org/389/ticket/405
Resolves: Ticket #405
Bug Description: referint modrdn not working if case is different
Reviewed by: nhosoi (Thanks!)
Branch: 389-ds-base-1.2.11
Fix Description: Pass the Slapi_DN to _update_all_per_mod() and
_update_one_per_mod(). Use the case normalized dn (ndn) to compare against
the case normalized member value.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/plugins/referint/referint.c
b/ldap/servers/plugins/referint/referint.c
index e8d4ead..1929cd5 100644
--- a/ldap/servers/plugins/referint/referint.c
+++ b/ldap/servers/plugins/referint/referint.c
@@ -349,7 +349,7 @@ static int
_update_one_per_mod(Slapi_DN *entrySDN, /* DN of the searched entry */
Slapi_Attr *attr, /* referred attribute */
char *attrName,
- const char *origDN, /* original DN that was modified */
+ Slapi_DN *origDN, /* original DN that was modified */
char *newRDN, /* new RDN from modrdn */
const char *newsuperior, /* new superior from modrdn */
Slapi_PBlock *mod_pb)
@@ -367,7 +367,7 @@ _update_one_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
if (NULL == newRDN && NULL == newsuperior) {
/* in delete mode */
/* delete old dn so set that up */
- values_del[0] = (char *)origDN;
+ values_del[0] = (char *)slapi_sdn_get_dn(origDN);
values_del[1] = NULL;
attribute1.mod_type = attrName;
attribute1.mod_op = LDAP_MOD_DELETE;
@@ -379,7 +379,7 @@ _update_one_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: entry %s: deleting \"%s: %s\" failed
(%d)"
- "\n", slapi_sdn_get_dn(entrySDN), attrName, origDN, rc);
+ "\n", slapi_sdn_get_dn(entrySDN), attrName,
slapi_sdn_get_dn(origDN), rc);
}
} else {
/* in modrdn mode */
@@ -393,11 +393,11 @@ _update_one_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
goto bail;
}
/* need to put together rdn into a dn */
- dnParts = slapi_ldap_explode_dn( origDN, 0 );
+ dnParts = slapi_ldap_explode_dn( slapi_sdn_get_dn(origDN), 0 );
if (NULL == dnParts) {
slapi_log_error(SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_one_value: failed to explode dn %s\n",
- origDN);
+ slapi_sdn_get_dn(origDN));
goto bail;
}
if (NULL == newRDN) {
@@ -406,8 +406,8 @@ _update_one_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
if (newsuperior) {
superior = newsuperior;
} else {
- /* no need to free superior */
- superior = slapi_dn_find_parent(origDN);
+ /* do not free superior */
+ superior = slapi_dn_find_parent(slapi_sdn_get_dn(origDN));
}
/* newRDN and superior are already normalized. */
newDN = slapi_ch_smprintf("%s,%s", newRDN, superior);
@@ -448,7 +448,7 @@ _update_one_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
}
/* else: (rc < 0) Ignore the DN normalization error for now. */
- p = PL_strstr(sval, origDN);
+ p = PL_strstr(sval, slapi_sdn_get_ndn(origDN));
if (p == sval) {
/* (case 1) */
values_del[0] = sval;
@@ -471,7 +471,7 @@ _update_one_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
"_update_one_value: entry %s: replacing \"%s: %s\"
"
"with \"%s: %s\" failed (%d)\n",
slapi_sdn_get_dn(entrySDN), attrName,
- origDN, attrName, newDN, rc);
+ slapi_sdn_get_dn(origDN), attrName, newDN, rc);
}
} else if (p) {
char bak;
@@ -526,7 +526,7 @@ static int
_update_all_per_mod(Slapi_DN *entrySDN, /* DN of the searched entry */
Slapi_Attr *attr, /* referred attribute */
char *attrName,
- const char *origDN, /* original DN that was modified */
+ Slapi_DN *origDN, /* original DN that was modified */
char *newRDN, /* new RDN from modrdn */
const char *newsuperior, /* new superior from modrdn */
Slapi_PBlock *mod_pb)
@@ -548,7 +548,7 @@ _update_all_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
LDAPMod attribute1;
/* delete old dn so set that up */
- values_del[0] = (char *)origDN;
+ values_del[0] = (char *)slapi_sdn_get_dn(origDN);
values_del[1] = NULL;
attribute1.mod_type = attrName;
attribute1.mod_op = LDAP_MOD_DELETE;
@@ -560,7 +560,7 @@ _update_all_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
if (rc) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_all_per_mod: entry %s: deleting \"%s: %s\" failed
(%d)"
- "\n", slapi_sdn_get_dn(entrySDN), attrName, origDN, rc);
+ "\n", slapi_sdn_get_dn(entrySDN), attrName,
slapi_sdn_get_dn(origDN), rc);
}
} else {
/* in modrdn mode */
@@ -574,11 +574,11 @@ _update_all_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
goto bail;
}
/* need to put together rdn into a dn */
- dnParts = slapi_ldap_explode_dn( origDN, 0 );
+ dnParts = slapi_ldap_explode_dn( slapi_sdn_get_dn(origDN), 0 );
if (NULL == dnParts) {
slapi_log_error(SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM,
"_update_all_per_mod: failed to explode dn %s\n",
- origDN);
+ slapi_sdn_get_dn(origDN));
goto bail;
}
if (NULL == newRDN) {
@@ -587,8 +587,8 @@ _update_all_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
if (newsuperior) {
superior = newsuperior;
} else {
- /* no need to free superior */
- superior = slapi_dn_find_parent(origDN);
+ /* do not free superior */
+ superior = slapi_dn_find_parent(slapi_sdn_get_dn(origDN));
}
/* newRDN and superior are already normalized. */
newDN = slapi_ch_smprintf("%s,%s", newRDN, superior);
@@ -633,7 +633,7 @@ _update_all_per_mod(Slapi_DN *entrySDN, /* DN of the searched
entry */
}
/* else: (rc < 0) Ignore the DN normalization error for now. */
- p = PL_strstr(sval, origDN);
+ p = PL_strstr(sval, slapi_sdn_get_ndn(origDN));
if (p == sval) {
/* (case 1) */
slapi_mods_add_string(smods, LDAP_MOD_DELETE, attrName, sval);
@@ -766,13 +766,13 @@ update_integrity(char **argv, Slapi_DN *origSDN,
if (nval > 128) {
rc = _update_one_per_mod(
slapi_entry_get_sdn(search_entries[j]),
- attr, attrName, origDN, newrDN,
+ attr, attrName, origSDN, newrDN,
slapi_sdn_get_dn(newsuperior),
mod_pb);
} else {
rc = _update_all_per_mod(
slapi_entry_get_sdn(search_entries[j]),
- attr, attrName, origDN, newrDN,
+ attr, attrName, origSDN, newrDN,
slapi_sdn_get_dn(newsuperior),
mod_pb);
}
commit 23af810b3b0a356a5f14cc31fc413d6e73a1ecc7
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Jun 29 13:46:45 2012 -0400
Ticket 399 - slapi_ldap_bind() doesn't check bind results
Bug Description: There are two issues here. One, we were not calling
ldap_parse_result()
for SIMPLE binds. Two, we were overwriting the error code, with
the
function result code.
Fix Description: Always call ldap_parse_result, and use a separate error code
variable to
preserve the actual result code from the bind operation.
https://fedorahosted.org/389/ticket/399
Reviewed by: nhosoi(Thanks Noriko!)
(cherry picked from commit f43ed1ddaa9bcbf1308b2ecbe9044e2058776d2c)
diff --git a/ldap/servers/slapd/ldaputil.c b/ldap/servers/slapd/ldaputil.c
index 12f01c6..3041f51 100644
--- a/ldap/servers/slapd/ldaputil.c
+++ b/ldap/servers/slapd/ldaputil.c
@@ -991,6 +991,7 @@ slapi_ldap_bind(
)
{
int rc = LDAP_SUCCESS;
+ int err;
LDAPControl **clientctrls = NULL;
int secure = 0;
struct berval bvcreds = {0, NULL};
@@ -1111,21 +1112,27 @@ slapi_ldap_bind(
mech ? mech : "SIMPLE");
goto done;
}
- /* if we got here, we were able to read success result */
- /* Get the controls sent by the server if requested */
- if (returnedctrls) {
- if ((rc = ldap_parse_result(ld, result, &rc, NULL, NULL,
- NULL, returnedctrls,
- 0)) != LDAP_SUCCESS) {
- slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_bind",
- "Error: could not bind id "
- "[%s] mech [%s]: error %d (%s) errno %d (%s)\n",
- bindid ? bindid : "(anon)",
- mech ? mech : "SIMPLE",
- rc, ldap_err2string(rc), errno, slapd_system_strerror(errno));
- goto done;
- }
- }
+ /* if we got here, we were able to read success result */
+ /* Get the controls sent by the server if requested */
+ if ((rc = ldap_parse_result(ld, result, &err, NULL, NULL,
+ NULL, returnedctrls, 0)) != LDAP_SUCCESS) {
+ slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_bind",
+ "Error: could not parse bind result: error %d (%s) errno %d
(%s)\n",
+ rc, ldap_err2string(rc), errno, slapd_system_strerror(errno));
+ goto done;
+ }
+
+ /* check the result code from the bind operation */
+ if(err){
+ rc = err;
+ slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_bind",
+ "Error: could not bind id "
+ "[%s] mech [%s]: error %d (%s) errno %d (%s)\n",
+ bindid ? bindid : "(anon)",
+ mech ? mech : "SIMPLE",
+ rc, ldap_err2string(rc), errno,
slapd_system_strerror(errno));
+ goto done;
+ }
/* parse the bind result and get the ldap error code */
if ((rc = ldap_parse_sasl_bind_result(ld, result, &servercredp,