[389-commits] ldap/servers
Noriko Hosoi
nhosoi at fedoraproject.org
Mon Feb 1 21:41:23 UTC 2010
ldap/servers/slapd/back-ldbm/ldbm_add.c | 13 ++++++++-----
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 13 ++++++++-----
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 13 ++++++++-----
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 26 ++++++++++++++++----------
4 files changed, 40 insertions(+), 25 deletions(-)
New commits:
commit c9c424c34c703082d7da3e4b2f3c366f81185a58
Author: Noriko Hosoi <nhosoi at redhat.com>
Date: Mon Feb 1 13:22:02 2010 -0800
555577 - Syntax validation fails for "ou=NetscapeRoot" tree
https://bugzilla.redhat.com/show_bug.cgi?id=555577
[See comment 7 of the bug]
DistinguishName validation slapi_dn_syntax_check should be
called only when nsslapd-dn-validate-strict is on.
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index 75c64c3..6f51aea 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -193,12 +193,15 @@ ldbm_back_add( Slapi_PBlock *pb )
{
goto error_return;
}
- ldap_result_code = slapi_dn_syntax_check(pb, dn, 1);
- if (ldap_result_code)
+ if (config_get_dn_validate_strict())
{
- ldap_result_code = LDAP_INVALID_DN_SYNTAX;
- slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
- goto error_return;
+ ldap_result_code = slapi_dn_syntax_check(pb, dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
}
slapi_sdn_set_dn_byref(&sdn, dn);
slapi_sdn_get_backend_parent(&sdn,&parentsdn,pb->pb_backend);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 9787300..f993305 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -103,12 +103,15 @@ ldbm_back_delete( Slapi_PBlock *pb )
{
goto error_return;
}
- ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
- if (ldap_result_code)
+ if (config_get_dn_validate_strict())
{
- ldap_result_code = LDAP_INVALID_DN_SYNTAX;
- slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
- goto error_return;
+ ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
}
is_fixup_operation = operation_is_flag_set(operation, OP_FLAG_REPL_FIXUP);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index 9a0bea0..165e655 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -224,12 +224,15 @@ ldbm_back_modify( Slapi_PBlock *pb )
{
goto error_return;
}
- ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
- if (ldap_result_code)
+ if (config_get_dn_validate_strict())
{
- ldap_result_code = LDAP_INVALID_DN_SYNTAX;
- slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
- goto error_return;
+ ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
}
dblayer_txn_init(li,&txn);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index d713a81..40a5888 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -204,12 +204,15 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
slapi_sdn_set_dn_passin(&dn_newdn,newdn);
new_addr.dn = (char*)slapi_sdn_get_ndn (&dn_newdn);
/* check dn syntax on newdn */
- ldap_result_code = slapi_dn_syntax_check(pb, new_addr.dn, 1);
- if (ldap_result_code)
+ if (config_get_dn_validate_strict())
{
- ldap_result_code = LDAP_INVALID_DN_SYNTAX;
- slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
- goto error_return;
+ ldap_result_code = slapi_dn_syntax_check(pb, new_addr.dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
}
new_addr.uniqueid = NULL;
ldap_result_code= get_copy_of_entry(pb, &new_addr, &txn, SLAPI_MODRDN_EXISTING_ENTRY, 0);
@@ -269,12 +272,15 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/* find and lock the entry we are about to modify */
done_with_pblock_entry(pb,SLAPI_MODRDN_TARGET_ENTRY); /* Could be through this multiple times */
slapi_pblock_get (pb, SLAPI_TARGET_ADDRESS, &old_addr);
- ldap_result_code = slapi_dn_syntax_check(pb, old_addr->dn, 1);
- if (ldap_result_code)
+ if (config_get_dn_validate_strict())
{
- ldap_result_code = LDAP_INVALID_DN_SYNTAX;
- slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
- goto error_return;
+ ldap_result_code = slapi_dn_syntax_check(pb, old_addr->dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
}
ldap_result_code= get_copy_of_entry(pb, old_addr, &txn, SLAPI_MODRDN_TARGET_ENTRY, !is_replicated_operation);
if(ldap_result_code==LDAP_OPERATIONS_ERROR ||
More information about the 389-commits
mailing list