From d664d546be0cf31b73689624010c22df2a29ea2c Mon Sep 17 00:00:00 2001 From: Noriko Hosoi Date: Feb 15 2012 02:15:51 +0000 Subject: Trac Ticket #26 - Please support setting defaultNamingContext in the rootdse. https://fedorahosted.org/389/ticket/26 Fix description: If a config param is set to nsslapd-allowed-to-delete-attrs, the value is allowed to delete. nsslapd-defaultnamingcontext is set to the value, by default. The config set API is not designed to allow deleting a param. Instead, it sets NULL to represent the deletion. But it turned out it was not allowed, either. This patch allows to the config params set in the nsslapd-allowed-to-delete-attrs to pass NULL value. --- diff --git a/ldap/servers/slapd/configdse.c b/ldap/servers/slapd/configdse.c index faf1560..d6dddb2 100644 --- a/ldap/servers/slapd/configdse.c +++ b/ldap/servers/slapd/configdse.c @@ -123,27 +123,6 @@ ignore_attr_type(const char *attr_type) return 0; } -/* these attr types are allowed to delete */ -static int -allowed_to_delete_attrs(const char *attr_type) -{ - int rc = 0; - if (attr_type) { - char *delattrs = config_get_allowed_to_delete_attrs(); - char **allowed = slapi_str2charray_ext(delattrs, " ", 0); - char **ap; - for (ap = allowed; ap && *ap; ap++) { - if (strcasecmp (attr_type, *ap) == 0) { - rc = 1; - break; - } - } - slapi_ch_array_free(allowed); - slapi_ch_free_string(&delattrs); - } - return rc; -} - int read_config_dse (Slapi_PBlock *pb, Slapi_Entry* e, Slapi_Entry* entryAfter, int *returncode, char *returntext, void *arg) { @@ -436,7 +415,7 @@ modify_config_dse(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry* e, in } } else if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op)) { /* Need to allow deleting some configuration attrs */ - if (allowed_to_delete_attrs(config_attr)) { + if (config_allowed_to_delete_attrs(config_attr)) { rc = config_set(config_attr, mods[i]->mod_bvalues, returntext, apply_mods); if (apply_mods) { /* log warning once */ diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c index 3e8a615..aafbd7e 100644 --- a/ldap/servers/slapd/libglobs.c +++ b/ldap/servers/slapd/libglobs.c @@ -1315,11 +1315,7 @@ int config_set_listenhost( const char *attrname, char *value, char *errorbuf, int apply ) { int retVal = LDAP_SUCCESS; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); - - if ( config_value_is_null( attrname, value, errorbuf, 0 )) { - return LDAP_OPERATIONS_ERROR; - } - + if ( apply) { CFG_LOCK_WRITE(slapdFrontendConfig); @@ -1530,17 +1526,12 @@ int config_set_securelistenhost( const char *attrname, char *value, char *errorbuf, int apply ) { int retVal = LDAP_SUCCESS; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); - - if ( config_value_is_null( attrname, value, errorbuf, 0 )) { - return LDAP_OPERATIONS_ERROR; - } if ( apply ) { CFG_LOCK_WRITE(slapdFrontendConfig); slapi_ch_free ( (void **) &(slapdFrontendConfig->securelistenhost) ); slapdFrontendConfig->securelistenhost = slapi_ch_strdup ( value ); - CFG_UNLOCK_WRITE(slapdFrontendConfig); } return retVal; @@ -1551,7 +1542,6 @@ config_set_srvtab( const char *attrname, char *value, char *errorbuf, int apply int retVal = LDAP_SUCCESS; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); - if ( config_value_is_null( attrname, value, errorbuf, 0 )) { return LDAP_OPERATIONS_ERROR; } @@ -5804,6 +5794,10 @@ config_set_entryusn_import_init( const char *attrname, char *value, int retVal = LDAP_SUCCESS; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + if ( config_value_is_null( attrname, value, errorbuf, 1 )) { + return LDAP_OPERATIONS_ERROR; + } + if (apply) { CFG_LOCK_WRITE(slapdFrontendConfig); slapi_ch_free_string(&(slapdFrontendConfig->entryusn_import_init)); @@ -5833,6 +5827,10 @@ config_set_allowed_to_delete_attrs( const char *attrname, char *value, int retVal = LDAP_SUCCESS; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + if ( config_value_is_null( attrname, value, errorbuf, 1 )) { + return LDAP_OPERATIONS_ERROR; + } + if (apply) { CFG_LOCK_WRITE(slapdFrontendConfig); slapi_ch_free_string(&(slapdFrontendConfig->allowed_to_delete_attrs)); @@ -5963,6 +5961,20 @@ config_set(const char *attr, struct berval **values, char *errorbuf, int apply) break; default: + if ((NULL == values) && + config_allowed_to_delete_attrs(cgas->attr_name)) { + if (cgas->setfunc) { + retval = (cgas->setfunc)(cgas->attr_name, NULL, + errorbuf, apply); + } else if (cgas->logsetfunc) { + retval = (cgas->logsetfunc)(cgas->attr_name, NULL, + cgas->whichlog, errorbuf, apply); + } else { + LDAPDebug1Arg(LDAP_DEBUG_ANY, + "config_set: the attribute %s is read only; " + "ignoring setting NULL value\n", attr); + } + } for (ii = 0; !retval && values && values[ii]; ++ii) { if (cgas->setfunc) @@ -6230,3 +6242,25 @@ config_set_entry(Slapi_Entry *e) return 1; } + +/* these attr types are allowed to delete */ +int +config_allowed_to_delete_attrs(const char *attr_type) +{ + int rc = 0; + if (attr_type) { + char *delattrs = config_get_allowed_to_delete_attrs(); + char **allowed = slapi_str2charray_ext(delattrs, " ", 0); + char **ap; + for (ap = allowed; ap && *ap; ap++) { + if (strcasecmp (attr_type, *ap) == 0) { + rc = 1; + break; + } + } + slapi_ch_array_free(allowed); + slapi_ch_free_string(&delattrs); + } + return rc; +} + diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h index f3e85c9..e60d1a8 100644 --- a/ldap/servers/slapd/proto-slap.h +++ b/ldap/servers/slapd/proto-slap.h @@ -526,6 +526,8 @@ char *config_get_allowed_to_delete_attrs(void); char *config_get_entryusn_import_init(void); char *config_get_default_naming_context(void); +int config_allowed_to_delete_attrs(const char *attr_type); + int is_abspath(const char *); char* rel2abspath( char * ); char* rel2abspath_ext( char *, char * );