ldap/servers/plugins/dna/dna.c | 4 ++ ldap/servers/slapd/add.c | 56 +++++++++++++++++++++++++++++++++---- ldap/servers/slapd/opshared.c | 8 +++-- ldap/servers/slapd/proto-slap.h | 1 ldap/servers/slapd/slapi-private.h | 6 +++ 5 files changed, 67 insertions(+), 8 deletions(-)
New commits: commit 2bef7e7dad076549faa6af3f0d7e70294fe48a00 Author: Mark Reynolds mreynolds@redhat.com Date: Fri Oct 19 10:22:21 2012 -0400
Ticket 495 - internalModifiersname not updated by DNA plugin
Bug Description: If you are using the "nsslapd-plugin-binddn-tracking", and the DNA plugin modifiers the entry, the internalmodifiersname is not updated.
Fix Description: This is because the DNA plugin directly modifies the entry, and does not use the internal modify functions that would trigger the last mod attributes to be updated. So we have to call the last mod update funtciont directly from the dna plugin.
There is also a slight change to the behavior now. The internalModifiersname & internalCreatorsname will never be the bind dn, but instead it will be the plugin that actually did the update. So if a entry was not touched by a DS plugin, then the "database" plugin would be the internal modifier/creator:
cn=ldbm database,cn=plugins,cn=config
This would also allow us to detect if someone replaced the default backend.
https://fedorahosted.org/389/ticket/495
Reviewed by: nhosoi(Thanks!)
diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c index 34d67ab..2b56967 100644 --- a/ldap/servers/plugins/dna/dna.c +++ b/ldap/servers/plugins/dna/dna.c @@ -2853,6 +2853,8 @@ _dna_pre_op_add(Slapi_PBlock *pb, Slapi_Entry *e) /* no need to dup */ DNA_NEEDS_UPDATE); } + /* Update the internalModifiersname for this add op */ + add_internal_modifiersname(pb, e);
/* Make sure we don't generate for this * type again by keeping a list of types @@ -3106,6 +3108,8 @@ _dna_pre_op_modify(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Mods *smods) /* no need to dup */ DNA_NEEDS_UPDATE); } + /* Update the internalModifersname for this mod op */ + modify_update_last_modified_attr(pb, smods);
/* Make sure we don't generate for this * type again by keeping a list of types diff --git a/ldap/servers/slapd/add.c b/ldap/servers/slapd/add.c index d1d23b3..c41c09f 100644 --- a/ldap/servers/slapd/add.c +++ b/ldap/servers/slapd/add.c @@ -73,7 +73,7 @@ /* Forward declarations */ static int add_internal_pb (Slapi_PBlock *pb); static void op_shared_add (Slapi_PBlock *pb); -static int add_created_attrs(Operation *op, Slapi_Entry *e); +static int add_created_attrs(Slapi_PBlock *pb, Slapi_Entry *e); static int check_rdn_for_created_attrs(Slapi_Entry *e); static void handle_fast_add(Slapi_PBlock *pb, Slapi_Entry *entry); static int add_uniqueid (Slapi_Entry *e); @@ -684,7 +684,7 @@ static void op_shared_add (Slapi_PBlock *pb) /* can get lastmod only after backend is selected */ slapi_pblock_get(pb, SLAPI_BE_LASTMOD, &lastmod);
- if (lastmod && add_created_attrs(operation, e) != 0) + if (lastmod && add_created_attrs(pb, e) != 0) { send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL, "cannot insert computed attributes", 0, NULL); @@ -797,20 +797,25 @@ done: }
static int -add_created_attrs(Operation *op, Slapi_Entry *e) +add_created_attrs(Slapi_PBlock *pb, Slapi_Entry *e) { char buf[20]; char *binddn = NULL; + char *plugin_dn = NULL; struct berval bv; struct berval *bvals[2]; time_t curtime; struct tm ltm; + Operation *op; + struct slapdplugin *plugin = NULL; + struct slapi_componentid *cid = NULL; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
LDAPDebug(LDAP_DEBUG_TRACE, "add_created_attrs\n", 0, 0, 0);
bvals[0] = &bv; bvals[1] = NULL; + slapi_pblock_get(pb, SLAPI_OPERATION, &op); if(slapdFrontendConfig->plugin_track){ /* plugin bindDN tracking is enabled, grab the dn from thread local storage */ @@ -818,8 +823,21 @@ add_created_attrs(Operation *op, Slapi_Entry *e) bv.bv_val = ""; bv.bv_len = strlen(bv.bv_val); } else { - bv.bv_val = (char*)slapi_sdn_get_dn(&op->o_sdn); - bv.bv_len = strlen(bv.bv_val); + slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &cid); + if (cid){ + plugin=(struct slapdplugin *) cid->sci_plugin; + } else { + slapi_pblock_get (pb, SLAPI_PLUGIN, &plugin); + } + if(plugin) + plugin_dn = plugin_get_dn (plugin); + if(plugin_dn){ + bv.bv_val = plugin_dn; + bv.bv_len = strlen(bv.bv_val); + } else { + bv.bv_val = (char*)slapi_sdn_get_dn(&op->o_sdn); + bv.bv_len = strlen(bv.bv_val); + } } slapi_entry_attr_replace(e, "internalCreatorsName", bvals); slapi_entry_attr_replace(e, "internalModifiersName", bvals); @@ -1023,3 +1041,31 @@ check_oc_subentry(Slapi_Entry *e, struct berval **vals, char *normtype) { } return subentry; } + +/* + * Used by plugins that modify entries on add operations, otherwise the internalModifiersname + * would be incorrect. + */ +void +add_internal_modifiersname(Slapi_PBlock *pb, Slapi_Entry *e) +{ + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + struct slapi_componentid *cid = NULL; + struct slapdplugin *plugin = NULL; + char *plugin_dn = NULL; + + if(slapdFrontendConfig->plugin_track){ + /* plugin bindDN tracking is enabled, grab the bind dn from thread local storage */ + slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &cid); + if (cid){ + plugin=(struct slapdplugin *) cid->sci_plugin; + } else { + slapi_pblock_get (pb, SLAPI_PLUGIN, &plugin); + } + if(plugin) + plugin_dn = plugin_get_dn (plugin); + if(plugin_dn){ + slapi_entry_attr_set_charptr(e, "internalModifiersname", plugin_dn); + } + } +} diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c index 019fe20..4a6ca44 100644 --- a/ldap/servers/slapd/opshared.c +++ b/ldap/servers/slapd/opshared.c @@ -135,7 +135,8 @@ do_ps_service(Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t chgtype, ber_int_t c (ps_service_fn)(e, eprev, chgtype, chgnum); }
-void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods) +void +modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods) { char buf[20]; char *plugin_dn = NULL; @@ -162,8 +163,11 @@ void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods) bv.bv_len = strlen(bv.bv_val); } else { slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &cid); - if (cid) + if (cid){ plugin=(struct slapdplugin *) cid->sci_plugin; + } else { + slapi_pblock_get (pb, SLAPI_PLUGIN, &plugin); + } if(plugin) plugin_dn = plugin_get_dn (plugin); if(plugin_dn){ diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h index 905b0f4..19c06a2 100644 --- a/ldap/servers/slapd/proto-slap.h +++ b/ldap/servers/slapd/proto-slap.h @@ -1290,7 +1290,6 @@ void set_config_params (Slapi_PBlock *pb); /* set parameters common for all internal operations */ void set_common_params (Slapi_PBlock *pb); void do_ps_service(Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t chgtype, ber_int_t chgnum); -void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods);
/* * debugdump.cpp diff --git a/ldap/servers/slapd/slapi-private.h b/ldap/servers/slapd/slapi-private.h index 6c2781c..3ee1755 100644 --- a/ldap/servers/slapd/slapi-private.h +++ b/ldap/servers/slapd/slapi-private.h @@ -1252,6 +1252,12 @@ int slapi_add_internal_attr_syntax( const char *name, const char *oid, const cha void pw_exp_init ( void ); int pw_copy_entry_ext(Slapi_Entry *src_e, Slapi_Entry *dest_e);
+/* op_shared.c */ +void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods); + +/* add.c */ +void add_internal_modifiersname(Slapi_PBlock *pb, Slapi_Entry *e); + #ifdef __cplusplus } #endif
389-commits@lists.fedoraproject.org
-
Mark Reynolds