zrhoffman / rpms / 389-ds-base

Forked from rpms/389-ds-base 3 years ago
Clone

Blame SOURCES/0029-Issue-4528-Fix-cn-monitor-SCOPE_ONE-search-4529.patch

be9751
From 2afc65fd1750afcb1667545da5625f5a932aacdd Mon Sep 17 00:00:00 2001
be9751
From: Simon Pichugin <spichugi@redhat.com>
be9751
Date: Wed, 13 Jan 2021 15:16:08 +0100
be9751
Subject: [PATCH] Issue 4528 - Fix cn=monitor SCOPE_ONE search (#4529)
be9751
be9751
Bug Description: While doing a ldapsearch on "cn=monitor" is
be9751
throwing err=32 with -s one.
be9751
be9751
Fix Description: 'cn=monitor' is not a real entry so we should not
be9751
trying to check if the searched suffix (cm=monitor or its children)
be9751
belongs to the searched backend.
be9751
be9751
Fixes: #4528
be9751
be9751
Reviewed by: @mreynolds389 @Firstyear @tbordaz (Thanks!)
be9751
---
be9751
 ldap/servers/slapd/opshared.c | 15 ++++++++++-----
be9751
 1 file changed, 10 insertions(+), 5 deletions(-)
be9751
be9751
diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c
be9751
index c0bc5dcd0..f5ed71144 100644
be9751
--- a/ldap/servers/slapd/opshared.c
be9751
+++ b/ldap/servers/slapd/opshared.c
be9751
@@ -240,6 +240,7 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
be9751
     int rc = 0;
be9751
     int internal_op;
be9751
     Slapi_DN *basesdn = NULL;
be9751
+    Slapi_DN monitorsdn = {0};
be9751
     Slapi_DN *sdn = NULL;
be9751
     Slapi_Operation *operation = NULL;
be9751
     Slapi_Entry *referral = NULL;
be9751
@@ -765,9 +766,11 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
be9751
             }
be9751
         } else {
be9751
             /* be_suffix null means that we are searching the default backend
be9751
-       * -> don't change the search parameters in pblock
be9751
-       */
be9751
-            if (be_suffix != NULL) {
be9751
+             * -> don't change the search parameters in pblock
be9751
+             * Also, we skip this block for 'cn=monitor' search and its subsearches
be9751
+             * as they are done by callbacks from monitor.c */
be9751
+            slapi_sdn_init_dn_byref(&monitorsdn, "cn=monitor");
be9751
+            if (!((be_suffix == NULL) || slapi_sdn_issuffix(basesdn, &monitorsdn))) {
be9751
                 if ((be_name == NULL) && (scope == LDAP_SCOPE_ONELEVEL)) {
be9751
                     /* one level searches
be9751
            * - depending on the suffix of the backend we might have to
be9751
@@ -789,8 +792,10 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
be9751
                     } else if (slapi_sdn_issuffix(basesdn, be_suffix)) {
be9751
                         int tmp_scope = LDAP_SCOPE_ONELEVEL;
be9751
                         slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &tmp_scope);
be9751
-                    } else
be9751
+                    } else {
be9751
+                        slapi_sdn_done(&monitorsdn);
be9751
                         goto next_be;
be9751
+                    }
be9751
                 }
be9751
 
be9751
                 /* subtree searches :
be9751
@@ -811,7 +816,7 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
be9751
                     }
be9751
                 }
be9751
             }
be9751
-
be9751
+            slapi_sdn_done(&monitorsdn);
be9751
             slapi_pblock_set(pb, SLAPI_BACKEND, be);
be9751
             slapi_pblock_set(pb, SLAPI_PLUGIN, be->be_database);
be9751
             slapi_pblock_set(pb, SLAPI_SEARCH_RESULT_SET, NULL);
be9751
-- 
be9751
2.26.2
be9751