zrhoffman / rpms / 389-ds-base

Forked from rpms/389-ds-base 3 years ago
Clone

Blame SOURCES/0029-Issue-4528-Fix-cn-monitor-SCOPE_ONE-search-4529.patch

1ce915
From 2afc65fd1750afcb1667545da5625f5a932aacdd Mon Sep 17 00:00:00 2001
1ce915
From: Simon Pichugin <spichugi@redhat.com>
1ce915
Date: Wed, 13 Jan 2021 15:16:08 +0100
1ce915
Subject: [PATCH] Issue 4528 - Fix cn=monitor SCOPE_ONE search (#4529)
1ce915
1ce915
Bug Description: While doing a ldapsearch on "cn=monitor" is
1ce915
throwing err=32 with -s one.
1ce915
1ce915
Fix Description: 'cn=monitor' is not a real entry so we should not
1ce915
trying to check if the searched suffix (cm=monitor or its children)
1ce915
belongs to the searched backend.
1ce915
1ce915
Fixes: #4528
1ce915
1ce915
Reviewed by: @mreynolds389 @Firstyear @tbordaz (Thanks!)
1ce915
---
1ce915
 ldap/servers/slapd/opshared.c | 15 ++++++++++-----
1ce915
 1 file changed, 10 insertions(+), 5 deletions(-)
1ce915
1ce915
diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c
1ce915
index c0bc5dcd0..f5ed71144 100644
1ce915
--- a/ldap/servers/slapd/opshared.c
1ce915
+++ b/ldap/servers/slapd/opshared.c
1ce915
@@ -240,6 +240,7 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
1ce915
     int rc = 0;
1ce915
     int internal_op;
1ce915
     Slapi_DN *basesdn = NULL;
1ce915
+    Slapi_DN monitorsdn = {0};
1ce915
     Slapi_DN *sdn = NULL;
1ce915
     Slapi_Operation *operation = NULL;
1ce915
     Slapi_Entry *referral = NULL;
1ce915
@@ -765,9 +766,11 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
1ce915
             }
1ce915
         } else {
1ce915
             /* be_suffix null means that we are searching the default backend
1ce915
-       * -> don't change the search parameters in pblock
1ce915
-       */
1ce915
-            if (be_suffix != NULL) {
1ce915
+             * -> don't change the search parameters in pblock
1ce915
+             * Also, we skip this block for 'cn=monitor' search and its subsearches
1ce915
+             * as they are done by callbacks from monitor.c */
1ce915
+            slapi_sdn_init_dn_byref(&monitorsdn, "cn=monitor");
1ce915
+            if (!((be_suffix == NULL) || slapi_sdn_issuffix(basesdn, &monitorsdn))) {
1ce915
                 if ((be_name == NULL) && (scope == LDAP_SCOPE_ONELEVEL)) {
1ce915
                     /* one level searches
1ce915
            * - depending on the suffix of the backend we might have to
1ce915
@@ -789,8 +792,10 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
1ce915
                     } else if (slapi_sdn_issuffix(basesdn, be_suffix)) {
1ce915
                         int tmp_scope = LDAP_SCOPE_ONELEVEL;
1ce915
                         slapi_pblock_set(pb, SLAPI_SEARCH_SCOPE, &tmp_scope);
1ce915
-                    } else
1ce915
+                    } else {
1ce915
+                        slapi_sdn_done(&monitorsdn);
1ce915
                         goto next_be;
1ce915
+                    }
1ce915
                 }
1ce915
 
1ce915
                 /* subtree searches :
1ce915
@@ -811,7 +816,7 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
1ce915
                     }
1ce915
                 }
1ce915
             }
1ce915
-
1ce915
+            slapi_sdn_done(&monitorsdn);
1ce915
             slapi_pblock_set(pb, SLAPI_BACKEND, be);
1ce915
             slapi_pblock_set(pb, SLAPI_PLUGIN, be->be_database);
1ce915
             slapi_pblock_set(pb, SLAPI_SEARCH_RESULT_SET, NULL);
1ce915
-- 
1ce915
2.26.2
1ce915