1 /* $NetBSD: add.c,v 1.1.1.6 2018/02/06 01:53:17 christos Exp $ */ 2 3 /* $OpenLDAP$ */ 4 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 5 * 6 * Copyright 1999-2017 The OpenLDAP Foundation. 7 * Portions Copyright 2001-2003 Pierangelo Masarati. 8 * Portions Copyright 1999-2003 Howard Chu. 9 * All rights reserved. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted only as authorized by the OpenLDAP 13 * Public License. 14 * 15 * A copy of this license is available in the file LICENSE in the 16 * top-level directory of the distribution or, alternatively, at 17 * <http://www.OpenLDAP.org/license.html>. 18 */ 19 /* ACKNOWLEDGEMENTS: 20 * This work was initially developed by the Howard Chu for inclusion 21 * in OpenLDAP Software and subsequently enhanced by Pierangelo 22 * Masarati. 23 */ 24 25 26 #include <sys/cdefs.h> 27 __RCSID("$NetBSD: add.c,v 1.1.1.6 2018/02/06 01:53:17 christos Exp $"); 28 29 #include "portable.h" 30 31 #include <stdio.h> 32 33 #include <ac/string.h> 34 #include <ac/socket.h> 35 36 #include "slap.h" 37 #include "../back-ldap/back-ldap.h" 38 #include "back-meta.h" 39 40 int 41 meta_back_add( Operation *op, SlapReply *rs ) 42 { 43 metainfo_t *mi = ( metainfo_t * )op->o_bd->be_private; 44 metatarget_t *mt; 45 metaconn_t *mc; 46 int i, candidate = -1; 47 int isupdate; 48 Attribute *a; 49 LDAPMod **attrs; 50 struct berval mdn = BER_BVNULL, mapped; 51 dncookie dc; 52 int msgid; 53 ldap_back_send_t retrying = LDAP_BACK_RETRYING; 54 LDAPControl **ctrls = NULL; 55 56 Debug(LDAP_DEBUG_ARGS, "==> meta_back_add: %s\n", 57 op->o_req_dn.bv_val, 0, 0 ); 58 59 /* 60 * get the current connection 61 */ 62 mc = meta_back_getconn( op, rs, &candidate, LDAP_BACK_SENDERR ); 63 if ( !mc || !meta_back_dobind( op, rs, mc, LDAP_BACK_SENDERR ) ) { 64 return rs->sr_err; 65 } 66 67 assert( mc->mc_conns[ candidate ].msc_ld != NULL ); 68 69 /* 70 * Rewrite the add dn, if needed 71 */ 72 mt = mi->mi_targets[ candidate ]; 73 dc.target = mt; 74 dc.conn = op->o_conn; 75 dc.rs = rs; 76 dc.ctx = "addDN"; 77 78 if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) { 79 send_ldap_result( op, rs ); 80 goto done; 81 } 82 83 /* Count number of attributes in entry ( +1 ) */ 84 for ( i = 1, a = op->ora_e->e_attrs; a; i++, a = a->a_next ); 85 86 /* Create array of LDAPMods for ldap_add() */ 87 attrs = ch_malloc( sizeof( LDAPMod * )*i ); 88 89 dc.ctx = "addAttrDN"; 90 isupdate = be_shadow_update( op ); 91 for ( i = 0, a = op->ora_e->e_attrs; a; a = a->a_next ) { 92 int j, is_oc = 0; 93 94 if ( !isupdate && !get_relax( op ) && a->a_desc->ad_type->sat_no_user_mod ) 95 { 96 continue; 97 } 98 99 if ( a->a_desc == slap_schema.si_ad_objectClass 100 || a->a_desc == slap_schema.si_ad_structuralObjectClass ) 101 { 102 is_oc = 1; 103 mapped = a->a_desc->ad_cname; 104 105 } else { 106 ldap_back_map( &mt->mt_rwmap.rwm_at, 107 &a->a_desc->ad_cname, &mapped, BACKLDAP_MAP ); 108 if ( BER_BVISNULL( &mapped ) || BER_BVISEMPTY( &mapped ) ) { 109 continue; 110 } 111 } 112 113 attrs[ i ] = ch_malloc( sizeof( LDAPMod ) ); 114 if ( attrs[ i ] == NULL ) { 115 continue; 116 } 117 attrs[ i ]->mod_op = LDAP_MOD_BVALUES; 118 attrs[ i ]->mod_type = mapped.bv_val; 119 120 if ( is_oc ) { 121 for ( j = 0; !BER_BVISNULL( &a->a_vals[ j ] ); j++ ) 122 ; 123 124 attrs[ i ]->mod_bvalues = 125 (struct berval **)ch_malloc( ( j + 1 ) * 126 sizeof( struct berval * ) ); 127 128 for ( j = 0; !BER_BVISNULL( &a->a_vals[ j ] ); ) { 129 struct ldapmapping *mapping; 130 131 ldap_back_mapping( &mt->mt_rwmap.rwm_oc, 132 &a->a_vals[ j ], &mapping, BACKLDAP_MAP ); 133 134 if ( mapping == NULL ) { 135 if ( mt->mt_rwmap.rwm_oc.drop_missing ) { 136 continue; 137 } 138 attrs[ i ]->mod_bvalues[ j ] = &a->a_vals[ j ]; 139 140 } else { 141 attrs[ i ]->mod_bvalues[ j ] = &mapping->dst; 142 } 143 j++; 144 } 145 attrs[ i ]->mod_bvalues[ j ] = NULL; 146 147 } else { 148 /* 149 * FIXME: dn-valued attrs should be rewritten 150 * to allow their use in ACLs at the back-ldap 151 * level. 152 */ 153 if ( a->a_desc->ad_type->sat_syntax == 154 slap_schema.si_syn_distinguishedName ) 155 { 156 (void)ldap_dnattr_rewrite( &dc, a->a_vals ); 157 if ( a->a_vals == NULL ) { 158 continue; 159 } 160 } 161 162 for ( j = 0; !BER_BVISNULL( &a->a_vals[ j ] ); j++ ) 163 ; 164 165 attrs[ i ]->mod_bvalues = ch_malloc( ( j + 1 ) * sizeof( struct berval * ) ); 166 for ( j = 0; !BER_BVISNULL( &a->a_vals[ j ] ); j++ ) { 167 attrs[ i ]->mod_bvalues[ j ] = &a->a_vals[ j ]; 168 } 169 attrs[ i ]->mod_bvalues[ j ] = NULL; 170 } 171 i++; 172 } 173 attrs[ i ] = NULL; 174 175 retry:; 176 ctrls = op->o_ctrls; 177 if ( meta_back_controls_add( op, rs, mc, candidate, &ctrls ) != LDAP_SUCCESS ) 178 { 179 send_ldap_result( op, rs ); 180 goto cleanup; 181 } 182 183 rs->sr_err = ldap_add_ext( mc->mc_conns[ candidate ].msc_ld, mdn.bv_val, 184 attrs, ctrls, NULL, &msgid ); 185 rs->sr_err = meta_back_op_result( mc, op, rs, candidate, msgid, 186 mt->mt_timeout[ SLAP_OP_ADD ], ( LDAP_BACK_SENDRESULT | retrying ) ); 187 if ( rs->sr_err == LDAP_UNAVAILABLE && retrying ) { 188 retrying &= ~LDAP_BACK_RETRYING; 189 if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) { 190 /* if the identity changed, there might be need to re-authz */ 191 (void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls ); 192 goto retry; 193 } 194 } 195 196 cleanup:; 197 (void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls ); 198 199 for ( --i; i >= 0; --i ) { 200 free( attrs[ i ]->mod_bvalues ); 201 free( attrs[ i ] ); 202 } 203 free( attrs ); 204 if ( mdn.bv_val != op->ora_e->e_dn ) { 205 free( mdn.bv_val ); 206 BER_BVZERO( &mdn ); 207 } 208 209 done:; 210 if ( mc ) { 211 meta_back_release_conn( mi, mc ); 212 } 213 214 return rs->sr_err; 215 } 216 217