From 4cf64c10bc92fd7627f452cd6b991671015ba8fa Mon Sep 17 00:00:00 2001

From: Mark Reynolds <mreynolds@redhat.com>

Date: Fri, 19 Oct 2012 10:22:21 -0400

Subject: [PATCH 16/16] Ticket 495 - internalModifiersname not updated by DNA

 plugin

Bug Description:  If you are using the "nsslapd-plugin-binddn-tracking", and the DNA plugin

                   modifiers the entry, the internalmodifiersname is not updated.

Fix Description:  This is because the DNA plugin directly modifies the entry, and does not

                  use the internal modify functions that would trigger the last mod attributes

                  to be updated.  So we have to call the last mod update funtciont directly from

                  the dna plugin.

                  There is also a slight change to the behavior now.  The internalModifiersname &

                  internalCreatorsname will never be the bind dn, but instead it will be the plugin

                  that actually did the update.  So if a entry was not touched by a DS plugin, then

                  the "database" plugin would be the internal modifier/creator:

                                cn=ldbm database,cn=plugins,cn=config

                  This would also allow us to detect if someone replaced the default backend.

https://fedorahosted.org/389/ticket/495

Reviewed by: nhosoi(Thanks!)

(cherry picked from commit fb8c9f305398f713154bc3d8dddeb89d3c9d386a)

---

 ldap/servers/plugins/dna/dna.c     |  4 +++

 ldap/servers/slapd/add.c           | 56 ++++++++++++++++++++++++++++++++++----

 ldap/servers/slapd/opshared.c      |  8 ++++--

 ldap/servers/slapd/proto-slap.h    |  1 -

 ldap/servers/slapd/slapi-private.h | 10 +++++++

 5 files changed, 71 insertions(+), 8 deletions(-)

diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c

index ef01735..66d4a05 100644

--- a/ldap/servers/plugins/dna/dna.c

+++ b/ldap/servers/plugins/dna/dna.c

@@ -2846,6 +2846,8 @@ _dna_pre_op_add(Slapi_PBlock *pb, Slapi_Entry *e)

                                                  /* no need to dup */

                                                  DNA_NEEDS_UPDATE);

                 }

+                /* Update the internalModifiersname for this add op */

+                add_internal_modifiersname(pb, e);

                 /* Make sure we don't generate for this

                  * type again by keeping a list of types

@@ -3101,6 +3103,8 @@ _dna_pre_op_modify(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Mods *smods)

                                           /* no need to dup */

                                           DNA_NEEDS_UPDATE); 

                 }

+                /* Update the internalModifersname for this mod op */

+                modify_update_last_modified_attr(pb, smods);

                 /* Make sure we don't generate for this

                  * type again by keeping a list of types

diff --git a/ldap/servers/slapd/add.c b/ldap/servers/slapd/add.c

index 55deeee..3206d5b 100644

--- a/ldap/servers/slapd/add.c

+++ b/ldap/servers/slapd/add.c

@@ -73,7 +73,7 @@

 /* Forward declarations */

 static int add_internal_pb (Slapi_PBlock *pb);

 static void op_shared_add (Slapi_PBlock *pb);

-static int add_created_attrs(Operation *op, Slapi_Entry *e);

+static int add_created_attrs(Slapi_PBlock *pb, Slapi_Entry *e);

 static int check_rdn_for_created_attrs(Slapi_Entry *e);

 static void handle_fast_add(Slapi_PBlock *pb, Slapi_Entry *entry);

 static int add_uniqueid (Slapi_Entry *e);

@@ -631,7 +631,7 @@ static void op_shared_add (Slapi_PBlock *pb)

 		/* can get lastmod only after backend is selected */

 		slapi_pblock_get(pb, SLAPI_BE_LASTMOD, &lastmod);

-		if (lastmod && add_created_attrs(operation, e) != 0)

+		if (lastmod && add_created_attrs(pb, e) != 0)

 		{

 			send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL,

 				"cannot insert computed attributes", 0, NULL);

@@ -745,20 +745,25 @@ done:

 }

 static int 

-add_created_attrs(Operation *op, Slapi_Entry *e)

+add_created_attrs(Slapi_PBlock *pb, Slapi_Entry *e)

 {

 	char   buf[20];

 	char   *binddn = NULL;

+	char   *plugin_dn = NULL;

 	struct berval	bv;

 	struct berval	*bvals[2];

 	time_t		curtime;

 	struct tm	ltm;

+	Operation *op;

+	struct slapdplugin *plugin = NULL;

+	struct slapi_componentid *cid = NULL;

 	slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();

 	LDAPDebug(LDAP_DEBUG_TRACE, "add_created_attrs\n", 0, 0, 0);

 	bvals[0] = &bv;

 	bvals[1] = NULL;

+	slapi_pblock_get(pb, SLAPI_OPERATION, &op);

 	if(slapdFrontendConfig->plugin_track){

 		/* plugin bindDN tracking is enabled, grab the dn from thread local storage */

@@ -766,8 +771,21 @@ add_created_attrs(Operation *op, Slapi_Entry *e)

 			bv.bv_val = "";

 			bv.bv_len = strlen(bv.bv_val);

 		} else {

-			bv.bv_val = (char*)slapi_sdn_get_dn(&op->o_sdn);

-			bv.bv_len = strlen(bv.bv_val);

+			slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &cid;;

+			if (cid){

+				plugin=(struct slapdplugin *) cid->sci_plugin;

+			} else {

+				slapi_pblock_get (pb, SLAPI_PLUGIN, &plugin);

+			}

+			if(plugin)

+				plugin_dn = plugin_get_dn (plugin);

+			if(plugin_dn){

+				bv.bv_val = plugin_dn;

+				bv.bv_len = strlen(bv.bv_val);

+			} else {

+				bv.bv_val = (char*)slapi_sdn_get_dn(&op->o_sdn);

+				bv.bv_len = strlen(bv.bv_val);

+			}

 		}

 		slapi_entry_attr_replace(e, "internalCreatorsName", bvals);

 		slapi_entry_attr_replace(e, "internalModifiersName", bvals);

@@ -971,3 +989,31 @@ check_oc_subentry(Slapi_Entry *e, struct berval	**vals, char *normtype) {

   }

   return subentry;

 }

+

+/*

+ *  Used by plugins that modify entries on add operations, otherwise the internalModifiersname

+ *  would be incorrect.

+ */

+void

+add_internal_modifiersname(Slapi_PBlock *pb, Slapi_Entry *e)

+{

+    slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();

+    struct slapi_componentid *cid = NULL;

+    struct slapdplugin *plugin = NULL;

+    char *plugin_dn = NULL;

+

+    if(slapdFrontendConfig->plugin_track){

+        /* plugin bindDN tracking is enabled, grab the bind dn from thread local storage */

+        slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &cid;;

+        if (cid){

+           plugin=(struct slapdplugin *) cid->sci_plugin;

+        } else {

+           slapi_pblock_get (pb, SLAPI_PLUGIN, &plugin);

+        }

+        if(plugin)

+            plugin_dn = plugin_get_dn (plugin);

+        if(plugin_dn){

+            slapi_entry_attr_set_charptr(e, "internalModifiersname", plugin_dn);

+        }

+    }

+}

diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c

index 2701250..485763e 100644

--- a/ldap/servers/slapd/opshared.c

+++ b/ldap/servers/slapd/opshared.c

@@ -133,7 +133,8 @@ do_ps_service(Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t chgtype, ber_int_t c

     (ps_service_fn)(e, eprev, chgtype, chgnum);

 }

-void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods)

+void

+modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods)

 {

     char        buf[20];

     char        *plugin_dn = NULL;

@@ -160,8 +161,11 @@ void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods)

             bv.bv_len = strlen(bv.bv_val);

         } else {

             slapi_pblock_get (pb, SLAPI_PLUGIN_IDENTITY, &cid;;

-            if (cid)

+            if (cid){

                 plugin=(struct slapdplugin *) cid->sci_plugin;

+            } else {

+                slapi_pblock_get (pb, SLAPI_PLUGIN, &plugin);

+            }

             if(plugin)

                 plugin_dn = plugin_get_dn (plugin);

             if(plugin_dn){

diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h

index 7e438b7..2289efa 100644

--- a/ldap/servers/slapd/proto-slap.h

+++ b/ldap/servers/slapd/proto-slap.h

@@ -1284,7 +1284,6 @@ void set_config_params (Slapi_PBlock *pb);

 /* set parameters common for all internal operations */

 void set_common_params (Slapi_PBlock *pb);

 void do_ps_service(Slapi_Entry *e, Slapi_Entry *eprev, ber_int_t chgtype, ber_int_t chgnum);

-void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods);

 /*

  * debugdump.cpp

diff --git a/ldap/servers/slapd/slapi-private.h b/ldap/servers/slapd/slapi-private.h

index f995e30..f7b4d04 100644

--- a/ldap/servers/slapd/slapi-private.h

+++ b/ldap/servers/slapd/slapi-private.h

@@ -1247,6 +1247,16 @@ int is_slapd_running();

 /* attrsyntax.c */

 int slapi_add_internal_attr_syntax( const char *name, const char *oid, const char *syntax, const char *mr_equality, unsigned long extraflags );

+/* pw.c */

+void pw_exp_init ( void );

+int pw_copy_entry_ext(Slapi_Entry *src_e, Slapi_Entry *dest_e);

+

+/* op_shared.c */

+void modify_update_last_modified_attr(Slapi_PBlock *pb, Slapi_Mods *smods);

+

+/* add.c */

+void add_internal_modifiersname(Slapi_PBlock *pb, Slapi_Entry *e);

+

 #ifdef __cplusplus

 }

 #endif

-- 

1.7.11.7