zrhoffman / rpms / 389-ds-base

Forked from rpms/389-ds-base 3 years ago
Clone

Blame SOURCES/0029-Issue-4528-Fix-cn-monitor-SCOPE_ONE-search-4529.patch

3280a9
From 2afc65fd1750afcb1667545da5625f5a932aacdd Mon Sep 17 00:00:00 2001
3280a9
From: Simon Pichugin <spichugi@redhat.com>
3280a9
Date: Wed, 13 Jan 2021 15:16:08 +0100
3280a9
Subject: [PATCH] Issue 4528 - Fix cn=monitor SCOPE_ONE search (#4529)
3280a9
3280a9
Bug Description: While doing a ldapsearch on "cn=monitor" is
3280a9
throwing err=32 with -s one.
3280a9
3280a9
Fix Description: 'cn=monitor' is not a real entry so we should not
3280a9
trying to check if the searched suffix (cm=monitor or its children)
3280a9
belongs to the searched backend.
3280a9
3280a9
Fixes: #4528
3280a9
3280a9
Reviewed by: @mreynolds389 @Firstyear @tbordaz (Thanks!)
3280a9
---
3280a9
 ldap/servers/slapd/opshared.c | 15 ++++++++++-----
3280a9
 1 file changed, 10 insertions(+), 5 deletions(-)
3280a9
3280a9
diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c
3280a9
index c0bc5dcd0..f5ed71144 100644
3280a9
--- a/ldap/servers/slapd/opshared.c
3280a9
+++ b/ldap/servers/slapd/opshared.c
3280a9
@@ -240,6 +240,7 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
3280a9
     int rc = 0;
3280a9
     int internal_op;
3280a9
     Slapi_DN *basesdn = NULL;
3280a9
+    Slapi_DN monitorsdn = {0};
3280a9
     Slapi_DN *sdn = NULL;
3280a9
     Slapi_Operation *operation = NULL;
3280a9
     Slapi_Entry *referral = NULL;
3280a9
@@ -765,9 +766,11 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
3280a9
             }
3280a9
         } else {
3280a9
             /* be_suffix null means that we are searching the default backend
3280a9
-       * -> don't change the search parameters in pblock
3280a9
-       */
3280a9
-            if (be_suffix != NULL) {
3280a9
+             * -> don't change the search parameters in pblock
3280a9
+             * Also, we skip this block for 'cn=monitor' search and its subsearches
3280a9
+             * as they are done by callbacks from monitor.c */
3280a9
+            slapi_sdn_init_dn_byref(&monitorsdn, "cn=monitor");
3280a9
+            if (!((be_suffix == NULL) || slapi_sdn_issuffix(basesdn, &monitorsdn))) {
3280a9
                 if ((be_name == NULL) && (scope == LDAP_SCOPE_ONELEVEL)) {
3280a9
                     /* one level searches
3280a9
            * - depending on the suffix of the backend we might have to
3280a9
@@ -789,8 +792,10 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
3280a9
                     } else if (slapi_sdn_issuffix(basesdn, be_suffix)) {
3280a9
                         int tmp_scope = LDAP_SCOPE_ONELEVEL;
3280a9
                         slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &tmp_scope);
3280a9
-                    } else
3280a9
+                    } else {
3280a9
+                        slapi_sdn_done(&monitorsdn);
3280a9
                         goto next_be;
3280a9
+                    }
3280a9
                 }
3280a9
 
3280a9
                 /* subtree searches :
3280a9
@@ -811,7 +816,7 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
3280a9
                     }
3280a9
                 }
3280a9
             }
3280a9
-
3280a9
+            slapi_sdn_done(&monitorsdn);
3280a9
             slapi_pblock_set(pb, SLAPI_BACKEND, be);
3280a9
             slapi_pblock_set(pb, SLAPI_PLUGIN, be->be_database);
3280a9
             slapi_pblock_set(pb, SLAPI_SEARCH_RESULT_SET, NULL);
3280a9
-- 
3280a9
2.26.2
3280a9