From f102eb72cf8928a585a33423124c2c98a2048bce Mon Sep 17 00:00:00 2001 From: Ludwig Krispenz Date: Nov 20 2012 09:47:39 +0000 Subject: Fix for ticket 504 --- diff --git a/ldap/servers/slapd/attrsyntax.c b/ldap/servers/slapd/attrsyntax.c index 59506a0..3c062f1 100644 --- a/ldap/servers/slapd/attrsyntax.c +++ b/ldap/servers/slapd/attrsyntax.c @@ -67,11 +67,12 @@ static PLHashTable *internalasi = NULL; static PLHashTable *name2asi = NULL; /* read/write lock to protect table */ static Slapi_RWLock *name2asi_lock = NULL; +static int asi_locking = 1; -#define AS_LOCK_READ(l) slapi_rwlock_rdlock(l) -#define AS_LOCK_WRITE(l) slapi_rwlock_wrlock(l) -#define AS_UNLOCK_READ(l) slapi_rwlock_unlock(l) -#define AS_UNLOCK_WRITE(l) slapi_rwlock_unlock(l) +#define AS_LOCK_READ(l) if (asi_locking) { slapi_rwlock_rdlock(l); } +#define AS_LOCK_WRITE(l) if (asi_locking) { slapi_rwlock_wrlock(l); } +#define AS_UNLOCK_READ(l) if (asi_locking) { slapi_rwlock_unlock(l); } +#define AS_UNLOCK_WRITE(l) if (asi_locking) { slapi_rwlock_unlock(l); } @@ -1043,12 +1044,15 @@ attr_syntax_delete_all() static int attr_syntax_init(void) { + int schema_modify_enabled = config_get_schemamod(); + if (!schema_modify_enabled) asi_locking = 0; + if (!oid2asi) { oid2asi = PL_NewHashTable(2047, hashNocaseString, hashNocaseCompare, PL_CompareValues, 0, 0); - if ( NULL == ( oid2asi_lock = slapi_new_rwlock())) { + if ( asi_locking && NULL == ( oid2asi_lock = slapi_new_rwlock())) { if(oid2asi) PL_HashTableDestroy(oid2asi); oid2asi = NULL; @@ -1063,7 +1067,7 @@ attr_syntax_init(void) name2asi = PL_NewHashTable(2047, hashNocaseString, hashNocaseCompare, PL_CompareValues, 0, 0); - if ( NULL == ( name2asi_lock = slapi_new_rwlock())) { + if ( asi_locking && NULL == ( name2asi_lock = slapi_new_rwlock())) { if(name2asi) PL_HashTableDestroy(name2asi); name2asi = NULL; diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c index caae9ee..dee7812 100644 --- a/ldap/servers/slapd/libglobs.c +++ b/ldap/servers/slapd/libglobs.c @@ -220,6 +220,7 @@ int init_pw_change; int init_pw_exp; int init_pw_syntax; int init_schemacheck; +int init_schemamod; int init_ds4_compatible_schema; int init_schema_ignore_trailing_spaces; int init_enquote_sup_oc; @@ -506,6 +507,10 @@ static struct config_get_and_set { NULL, 0, (void**)&global_slapdFrontendConfig.schemacheck, CONFIG_ON_OFF, NULL, &init_schemacheck}, + {CONFIG_SCHEMAMOD_ATTRIBUTE, config_set_schemamod, + NULL, 0, + (void**)&global_slapdFrontendConfig.schemamod, + CONFIG_ON_OFF, NULL, &init_schemamod}, {CONFIG_SYNTAXCHECK_ATTRIBUTE, config_set_syntaxcheck, NULL, 0, (void**)&global_slapdFrontendConfig.syntaxcheck, @@ -1315,6 +1320,7 @@ FrontendConfig_init () { cfg->timelimit = SLAPD_DEFAULT_TIMELIMIT; cfg->anon_limits_dn = slapi_ch_strdup(""); init_schemacheck = cfg->schemacheck = LDAP_ON; + init_schemamod = cfg->schemamod = LDAP_ON; init_syntaxcheck = cfg->syntaxcheck = LDAP_OFF; init_plugin_track = cfg->plugin_track = LDAP_OFF; init_syntaxlogging = cfg->syntaxlogging = LDAP_OFF; @@ -3115,6 +3121,20 @@ config_set_schemacheck( const char *attrname, char *value, char *errorbuf, int a } int +config_set_schemamod( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + retVal = config_set_onoff ( attrname, + value, + &(slapdFrontendConfig->schemamod), + errorbuf, + apply); + + return retVal; +} + +int config_set_syntaxcheck( const char *attrname, char *value, char *errorbuf, int apply ) { int retVal = LDAP_SUCCESS; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); @@ -4835,6 +4855,18 @@ config_get_schemacheck() { } int +config_get_schemamod() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->schemamod; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int config_get_syntaxcheck() { slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); int retVal; diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h index 19c06a2..d206c6d 100644 --- a/ldap/servers/slapd/proto-slap.h +++ b/ldap/servers/slapd/proto-slap.h @@ -287,6 +287,7 @@ int config_set_accesscontrol( const char *attrname, char *value, char *errorbuf, int config_set_security( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_readonly( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_schemacheck( const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_schemamod( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_syntaxcheck( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_syntaxlogging( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_plugin_tracking( const char *attrname, char *value, char *errorbuf, int apply ); diff --git a/ldap/servers/slapd/schema.c b/ldap/servers/slapd/schema.c index c66c320..5eb6520 100644 --- a/ldap/servers/slapd/schema.c +++ b/ldap/servers/slapd/schema.c @@ -1648,9 +1648,18 @@ modify_schema_dse (Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry *entr LDAPMod **mods = NULL; int num_mods = 0; /* count the number of mods */ int schema_ds4x_compat = config_get_ds4_compatible_schema(); + int schema_modify_enabled = config_get_schemamod(); int reapply_mods = 0; int is_replicated_operation = 0; + if (!schema_modify_enabled) { + *returncode = LDAP_UNWILLING_TO_PERFORM; + schema_create_errormsg( returntext, SLAPI_DSE_RETURNTEXT_SIZE, + schema_errprefix_generic, "Generic", + "schema update is disabled" ); + return (SLAPI_DSE_CALLBACK_ERROR); + } + slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation); schema_dse_lock_write(); diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h index cc99486..8b43f5a 100644 --- a/ldap/servers/slapd/slap.h +++ b/ldap/servers/slapd/slap.h @@ -1872,6 +1872,7 @@ typedef struct _slapdEntryPoints { #define CONFIG_OBJECTCLASS_ATTRIBUTE "nsslapd-objectclass" #define CONFIG_ATTRIBUTE_ATTRIBUTE "nsslapd-attribute" #define CONFIG_SCHEMACHECK_ATTRIBUTE "nsslapd-schemacheck" +#define CONFIG_SCHEMAMOD_ATTRIBUTE "nsslapd-schemamod" #define CONFIG_SYNTAXCHECK_ATTRIBUTE "nsslapd-syntaxcheck" #define CONFIG_SYNTAXLOGGING_ATTRIBUTE "nsslapd-syntaxlogging" #define CONFIG_DN_VALIDATE_STRICT_ATTRIBUTE "nsslapd-dn-validate-strict" @@ -2097,6 +2098,7 @@ typedef struct _slapdFrontendConfig { int readonly; int reservedescriptors; int schemacheck; + int schemamod; int syntaxcheck; int syntaxlogging; int dn_validate_strict;