[Freeipa-devel] [PATCH 0057] Fix LDAP operation selection logic in ldap_modify_do()
Adam Tkac
atkac at redhat.com
Fri Sep 14 13:23:34 UTC 2012
On Wed, Sep 12, 2012 at 12:35:25PM +0200, Petr Spacek wrote:
> Hello,
>
> There is a fix for LDAP operation selection logic in ldap_modify_do().
>
> Each operation code in LDAPMod structure can be ORed
> with LDAP_MOD_BVALUES.
Ack
> From ab11e62ec2496f2c7245c4d8d80c2fd189b68aa9 Mon Sep 17 00:00:00 2001
> From: Petr Spacek <pspacek at redhat.com>
> Date: Tue, 11 Sep 2012 16:23:18 +0200
> Subject: [PATCH] Fix LDAP operation selection logic in ldap_modify_do().
>
> Each operation code in LDAPMod structure can be ORed
> with LDAP_MOD_BVALUES.
>
> Signed-off-by: Petr Spacek <pspacek at redhat.com>
> ---
> src/ldap_helper.c | 29 +++++++++++++++++------------
> 1 file changed, 17 insertions(+), 12 deletions(-)
>
> diff --git a/src/ldap_helper.c b/src/ldap_helper.c
> index 058048f41485999be0d8ffeadea02f2e25879370..d9c7ce5d84c3944a86ff1865ff6be073ddc294c8 100644
> --- a/src/ldap_helper.c
> +++ b/src/ldap_helper.c
> @@ -2149,33 +2149,38 @@ ldap_modify_do(ldap_instance_t *ldap_inst, ldap_connection_t *ldap_conn,
> CHECK(ldap_connect(ldap_inst, ldap_conn, ISC_FALSE));
> }
>
> + /* Any mod_op can be ORed with LDAP_MOD_BVALUES. */
> + if ((mods[0]->mod_op & ~LDAP_MOD_BVALUES) == LDAP_MOD_ADD)
> + operation_str = "modifying(add)";
> + else if ((mods[0]->mod_op & ~LDAP_MOD_BVALUES) == LDAP_MOD_DELETE)
> + operation_str = "modifying(del)";
> + else if ((mods[0]->mod_op & ~LDAP_MOD_BVALUES) == LDAP_MOD_REPLACE)
> + operation_str = "modifying(replace)";
> + else {
> + operation_str = "modifying(unknown operation)";
> + log_bug("%s: 0x%x", operation_str, mods[0]->mod_op);
> + CHECK(ISC_R_NOTIMPLEMENTED);
> + }
> +
> if (delete_node) {
> log_debug(2, "deleting whole node: '%s'", dn);
> ret = ldap_delete_ext_s(ldap_conn->handle, dn, NULL, NULL);
> } else {
> - log_debug(2, "writing to '%s'", dn);
> + log_debug(2, "writing to '%s': %s", dn, operation_str);
> ret = ldap_modify_ext_s(ldap_conn->handle, dn, mods, NULL, NULL);
> }
>
> result = (ret == LDAP_SUCCESS) ? ISC_R_SUCCESS : ISC_R_FAILURE;
> if (ret == LDAP_SUCCESS)
> goto cleanup;
>
> - if (mods[0]->mod_op == LDAP_MOD_ADD)
> - operation_str = "modifying(add)";
> - else if (mods[0]->mod_op == LDAP_MOD_DELETE)
> - operation_str = "modifying(del)";
> - else {
> - operation_str = "modifying(unknown operation)";
> - CHECK(ISC_R_NOTIMPLEMENTED);
> - }
> -
> LDAP_OPT_CHECK(ldap_get_option(ldap_conn->handle, LDAP_OPT_RESULT_CODE,
> &err_code), "ldap_modify_do(%s) failed to obtain ldap error code",
> operation_str);
>
> /* If there is no object yet, create it with an ldap add operation. */
> - if (mods[0]->mod_op == LDAP_MOD_ADD && err_code == LDAP_NO_SUCH_OBJECT) {
> + if ((mods[0]->mod_op & ~LDAP_MOD_BVALUES) == LDAP_MOD_ADD &&
> + err_code == LDAP_NO_SUCH_OBJECT) {
> int i;
> LDAPMod **new_mods;
> char *obj_str[] = { "idnsRecord", NULL };
> @@ -2211,7 +2216,7 @@ ldap_modify_do(ldap_instance_t *ldap_inst, ldap_connection_t *ldap_conn,
>
> /* do not error out if we are trying to delete an
> * unexisting attribute */
> - if (mods[0]->mod_op != LDAP_MOD_DELETE ||
> + if ((mods[0]->mod_op & ~LDAP_MOD_BVALUES) != LDAP_MOD_DELETE ||
> err_code != LDAP_NO_SUCH_ATTRIBUTE) {
> result = ISC_R_FAILURE;
> }
> --
> 1.7.11.4
>
--
Adam Tkac, Red Hat, Inc.
More information about the Freeipa-devel
mailing list