modrdn.c revision 1.1
1 /* $NetBSD: modrdn.c,v 1.1 2025/09/05 21:09:50 christos Exp $ */ 2 3 /* OpenLDAP WiredTiger backend */ 4 /* $OpenLDAP$ */ 5 /* This work is part of OpenLDAP Software <http://www.openldap.org/>. 6 * 7 * Copyright 2002-2024 The OpenLDAP Foundation. 8 * All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted only as authorized by the OpenLDAP 12 * Public License. 13 * 14 * A copy of this license is available in the file LICENSE in the 15 * top-level directory of the distribution or, alternatively, at 16 * <http://www.OpenLDAP.org/license.html>. 17 */ 18 /* ACKNOWLEDGEMENTS: 19 * This work was developed by HAMANO Tsukasa <hamano (at) osstech.co.jp> 20 * based on back-bdb for inclusion in OpenLDAP Software. 21 * WiredTiger is a product of MongoDB Inc. 22 */ 23 24 #include <sys/cdefs.h> 25 __RCSID("$NetBSD: modrdn.c,v 1.1 2025/09/05 21:09:50 christos Exp $"); 26 27 #include "portable.h" 28 29 #include <stdio.h> 30 #include "back-wt.h" 31 #include "slap-config.h" 32 33 int 34 wt_modrdn( Operation *op, SlapReply *rs ) 35 { 36 struct wt_info *wi = (struct wt_info *) op->o_bd->be_private; 37 AttributeDescription *children = slap_schema.si_ad_children; 38 AttributeDescription *entry = slap_schema.si_ad_entry; 39 wt_ctx *wc = NULL; 40 Entry *e = NULL; 41 Entry *p = NULL; 42 Entry *ne = NULL; 43 Entry dummy = {0}; 44 45 struct berval p_dn, p_ndn; 46 struct berval new_dn = {0, NULL}, new_ndn = {0, NULL}; 47 48 Entry *np = NULL; /* newSuperior Entry */ 49 struct berval *np_dn = NULL; /* newSuperior dn */ 50 struct berval *np_ndn = NULL; /* newSuperior ndn */ 51 struct berval *new_parent_dn = NULL; /* np_dn, p_dn, or NULL */ 52 53 int manageDSAit = get_manageDSAit( op ); 54 char textbuf[SLAP_TEXT_BUFLEN]; 55 size_t textlen = sizeof textbuf; 56 LDAPControl **preread_ctrl = NULL; 57 LDAPControl **postread_ctrl = NULL; 58 LDAPControl *ctrls[SLAP_MAX_RESPONSE_CONTROLS]; 59 int num_ctrls = 0; 60 61 int rc; 62 63 int parent_is_glue = 0; 64 int parent_is_leaf = 0; 65 66 Debug( LDAP_DEBUG_TRACE, "==> wt_modrdn(%s -> newrdn=%s - newsup=%s)\n", 67 op->o_req_dn.bv_val, 68 op->oq_modrdn.rs_newrdn.bv_val, 69 op->oq_modrdn.rs_newSup?op->oq_modrdn.rs_newSup->bv_val:"NULL" ); 70 71 ctrls[num_ctrls] = NULL; 72 73 slap_mods_opattrs( op, &op->orr_modlist, 1 ); 74 75 wc = wt_ctx_get(op, wi); 76 if( !wc ){ 77 Debug( LDAP_DEBUG_ANY, "wt_modrdn: wt_ctx_get failed\n"); 78 rs->sr_err = LDAP_OTHER; 79 rs->sr_text = "internal error"; 80 send_ldap_result( op, rs ); 81 return rs->sr_err; 82 } 83 84 /* get parent entry */ 85 if ( be_issuffix( op->o_bd, &op->o_req_ndn ) ) { 86 rs->sr_err = LDAP_NAMING_VIOLATION; 87 rs->sr_text = "cannot rename suffix entry"; 88 goto return_results; 89 } else { 90 dnParent( &op->o_req_ndn, &p_ndn ); 91 } 92 93 rc = wt_dn2entry(op->o_bd, wc, &p_ndn, &p); 94 switch( rc ) { 95 case 0: 96 break; 97 case WT_NOTFOUND: 98 Debug( LDAP_DEBUG_ARGS, 99 "<== wt_modrdn: parent does not exist %s\n", p_ndn.bv_val); 100 rs->sr_err = LDAP_NO_SUCH_OBJECT; 101 goto return_results; 102 default: 103 Debug( LDAP_DEBUG_ANY, 104 "<== wt_modrdn: wt_dn2entry failed (%d)\n", rc ); 105 rs->sr_err = LDAP_OTHER; 106 rs->sr_text = "internal error"; 107 goto return_results; 108 } 109 110 /* check parent for "children" acl */ 111 rc = access_allowed( op, p, children, NULL, 112 op->oq_modrdn.rs_newSup == NULL ? 113 ACL_WRITE : ACL_WDEL, NULL ); 114 115 if ( !rc ) { 116 rs->sr_err = LDAP_INSUFFICIENT_ACCESS; 117 Debug( LDAP_DEBUG_TRACE, 118 "wt_modrdn: no access to parent\n"); 119 rs->sr_text = "no write access to old parent's children"; 120 goto return_results; 121 } 122 123 Debug( LDAP_DEBUG_TRACE, 124 "wt_modrdn: wr to children of entry %s OK\n", p_ndn.bv_val ); 125 126 if ( p_ndn.bv_val == slap_empty_bv.bv_val ) { 127 p_dn = slap_empty_bv; 128 } else { 129 dnParent( &op->o_req_dn, &p_dn ); 130 } 131 132 Debug( LDAP_DEBUG_TRACE, 133 "wt_modrdn: parent dn=%s\n", p_dn.bv_val ); 134 135 /* get entry */ 136 rc = wt_dn2entry(op->o_bd, wc, &op->o_req_ndn, &e); 137 switch( rc ) { 138 case 0: 139 break; 140 case WT_NOTFOUND: 141 break; 142 default: 143 Debug( LDAP_DEBUG_ANY, 144 "<== wt_modrdn: wt_dn2entry failed (%d)\n", rc ); 145 rs->sr_err = LDAP_OTHER; 146 rs->sr_text = "internal error"; 147 goto return_results; 148 } 149 150 if ( rc == WT_NOTFOUND || 151 ( !manageDSAit && e && is_entry_glue( e ) )) { 152 153 if ( !e ) { 154 Debug( LDAP_DEBUG_ARGS, 155 "<== wt_modrdn: no such object %s\n", op->o_req_dn.bv_val); 156 rc = wt_dn2aentry(op->o_bd, wc, &op->o_req_ndn, &e); 157 switch( rc ) { 158 case 0: 159 break; 160 case WT_NOTFOUND: 161 rs->sr_err = LDAP_NO_SUCH_OBJECT; 162 goto return_results; 163 default: 164 Debug( LDAP_DEBUG_ANY, "wt_modrdn: wt_dn2aentry failed (%d)\n", rc ); 165 rs->sr_err = LDAP_OTHER; 166 rs->sr_text = "internal error"; 167 goto return_results; 168 } 169 } 170 171 rs->sr_matched = ch_strdup( e->e_dn ); 172 173 if ( is_entry_referral( e ) ) { 174 BerVarray ref = get_entry_referrals( op, e ); 175 rs->sr_ref = referral_rewrite( ref, &e->e_name, 176 &op->o_req_dn, LDAP_SCOPE_DEFAULT ); 177 ber_bvarray_free( ref ); 178 } else { 179 rs->sr_ref = NULL; 180 } 181 rs->sr_flags = REP_MATCHED_MUSTBEFREED | REP_REF_MUSTBEFREED; 182 rs->sr_err = LDAP_REFERRAL; 183 send_ldap_result( op, rs ); 184 goto done; 185 } 186 187 if ( get_assert( op ) && 188 ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE )) 189 { 190 rs->sr_err = LDAP_ASSERTION_FAILED; 191 goto return_results; 192 } 193 194 /* check write on old entry */ 195 rc = access_allowed( op, e, entry, NULL, ACL_WRITE, NULL ); 196 if ( !rc ) { 197 Debug( LDAP_DEBUG_TRACE, "wt_modrdn: no access to entry\n"); 198 rs->sr_text = "no write access to old entry"; 199 rs->sr_err = LDAP_INSUFFICIENT_ACCESS; 200 goto return_results; 201 } 202 203 /* Can't do it if we have kids */ 204 rc = wt_dn2id_has_children( op, wc, e->e_id ); 205 if( rc != WT_NOTFOUND ) { 206 switch( rc ) { 207 case 0: 208 Debug(LDAP_DEBUG_ARGS, "<== wt_modrdn: non-leaf %s\n", op->o_req_dn.bv_val); 209 rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF; 210 rs->sr_text = "subtree rename not supported"; 211 break; 212 default: 213 Debug(LDAP_DEBUG_ARGS, 214 "<== wt_modrdn: has_children failed: %s (%d)\n", 215 wiredtiger_strerror(rc), rc ); 216 rs->sr_err = LDAP_OTHER; 217 rs->sr_text = "internal error"; 218 } 219 goto return_results; 220 } 221 222 if (!manageDSAit && is_entry_referral( e ) ) { 223 /* parent is a referral, don't allow add */ 224 rs->sr_ref = get_entry_referrals( op, e ); 225 226 Debug( LDAP_DEBUG_TRACE, 227 "wt_modrdn: entry %s is referral\n", e->e_dn ); 228 229 rs->sr_err = LDAP_REFERRAL, 230 rs->sr_matched = e->e_name.bv_val; 231 send_ldap_result( op, rs ); 232 233 ber_bvarray_free( rs->sr_ref ); 234 rs->sr_ref = NULL; 235 rs->sr_matched = NULL; 236 goto done; 237 } 238 239 new_parent_dn = &p_dn; /* New Parent unless newSuperior given */ 240 if ( op->oq_modrdn.rs_newSup != NULL ) { 241 Debug( LDAP_DEBUG_TRACE, 242 "wt_modrdn: new parent \"%s\" requested...\n", 243 op->oq_modrdn.rs_newSup->bv_val ); 244 245 /* newSuperior == oldParent? */ 246 if( dn_match( &p_ndn, op->oq_modrdn.rs_nnewSup ) ) { 247 Debug( LDAP_DEBUG_TRACE, 248 "wt_modrdn: new parent \"%s\" same as the old parent \"%s\"\n", 249 op->oq_modrdn.rs_newSup->bv_val, p_dn.bv_val ); 250 op->oq_modrdn.rs_newSup = NULL; /* ignore newSuperior */ 251 } 252 } 253 254 if ( op->oq_modrdn.rs_newSup != NULL ) { 255 if ( op->oq_modrdn.rs_newSup->bv_len ) { 256 np_dn = op->oq_modrdn.rs_newSup; 257 np_ndn = op->oq_modrdn.rs_nnewSup; 258 259 /* newSuperior == oldParent? - checked above */ 260 /* newSuperior == entry being moved?, if so ==> ERROR */ 261 if ( dnIsSuffix( np_ndn, &e->e_nname )) { 262 rs->sr_err = LDAP_NO_SUCH_OBJECT; 263 rs->sr_text = "new superior not found"; 264 goto return_results; 265 } 266 /* Get Entry with dn=newSuperior. Does newSuperior exist? */ 267 rc = wt_dn2entry(op->o_bd, wc, np_ndn, &np); 268 switch( rc ) { 269 case 0: 270 break; 271 case WT_NOTFOUND: 272 Debug( LDAP_DEBUG_ANY, 273 "<== wt_modrdn: new superior not found: %s\n", 274 np_ndn->bv_val ); 275 rs->sr_err = LDAP_NO_SUCH_OBJECT; 276 rs->sr_text = "new superior not found"; 277 goto return_results; 278 default: 279 Debug( LDAP_DEBUG_ANY, 280 "<== wt_modrdn: wt_dn2entry failed %s (%d)\n", 281 wiredtiger_strerror(rc), rc ); 282 rs->sr_err = LDAP_OTHER; 283 rs->sr_text = "internal error"; 284 goto return_results; 285 } 286 Debug( LDAP_DEBUG_TRACE, 287 "wt_modrdn: wr to new parent OK np=%p, id=%ld\n", 288 (void *) np, (long) np->e_id ); 289 rs->sr_err = access_allowed( op, np, children, 290 NULL, ACL_WADD, NULL ); 291 if( ! rs->sr_err ) { 292 Debug( LDAP_DEBUG_TRACE, 293 "wt_modrdn: no wr to newSup children\n" ); 294 rs->sr_text = "no write access to new superior's children"; 295 rs->sr_err = LDAP_INSUFFICIENT_ACCESS; 296 goto return_results; 297 } 298 if ( is_entry_alias( np ) ) { 299 Debug( LDAP_DEBUG_TRACE, 300 "wt_modrdn: entry is alias\n" ); 301 rs->sr_text = "new superior is an alias"; 302 rs->sr_err = LDAP_ALIAS_PROBLEM; 303 goto return_results; 304 } 305 if ( is_entry_referral( np ) ) { 306 /* parent is a referral, don't allow add */ 307 Debug( LDAP_DEBUG_TRACE, 308 "wt_modrdn: entry is referral\n" ); 309 rs->sr_text = "new superior is a referral"; 310 rs->sr_err = LDAP_OTHER; 311 goto return_results; 312 } 313 } else { 314 /* no parent, modrdn entry directly under root */ 315 /* TODO: */ 316 Debug( LDAP_DEBUG_TRACE, 317 "wt_modrdn: no parent, not implement yet\n" ); 318 rs->sr_text = "not implement yet"; 319 rs->sr_err = LDAP_OTHER; 320 goto return_results; 321 } 322 323 Debug( LDAP_DEBUG_TRACE, 324 "wt_modrdn: wr to new parent's children OK\n" ); 325 new_parent_dn = np_dn; 326 } 327 328 /* Build target dn and make sure target entry doesn't exist already. */ 329 if (!new_dn.bv_val) { 330 build_new_dn( &new_dn, new_parent_dn, &op->oq_modrdn.rs_newrdn, NULL ); 331 } 332 333 if (!new_ndn.bv_val) { 334 struct berval bv = {0, NULL}; 335 dnNormalize( 0, NULL, NULL, &new_dn, &bv, op->o_tmpmemctx ); 336 ber_dupbv( &new_ndn, &bv ); 337 /* FIXME: why not call dnNormalize() w/o ctx? */ 338 op->o_tmpfree( bv.bv_val, op->o_tmpmemctx ); 339 } 340 341 Debug( LDAP_DEBUG_TRACE, 342 "wt_modrdn: new ndn=%s\n", new_ndn.bv_val ); 343 344 /* check new entry */ 345 rc = wt_dn2entry(op->o_bd, wc, &new_ndn, &ne); 346 switch( rc ) { 347 case 0: 348 /* Allow rename to same DN */ 349 if(e->e_id == ne->e_id){ 350 break; 351 } 352 rs->sr_err = LDAP_ALREADY_EXISTS; 353 goto return_results; 354 break; 355 case WT_NOTFOUND: 356 break; 357 default: 358 Debug( LDAP_DEBUG_ANY, 359 "<== wt_modrdn: wt_dn2entry failed %s (%d)\n", 360 wiredtiger_strerror(rc), rc ); 361 rs->sr_err = LDAP_OTHER; 362 rs->sr_text = "internal error"; 363 goto return_results; 364 } 365 366 assert( op->orr_modlist != NULL ); 367 368 if( op->o_preread ) { 369 if( preread_ctrl == NULL ) { 370 preread_ctrl = &ctrls[num_ctrls++]; 371 ctrls[num_ctrls] = NULL; 372 } 373 if( slap_read_controls( op, rs, e, 374 &slap_pre_read_bv, preread_ctrl ) ) 375 { 376 Debug( LDAP_DEBUG_TRACE, 377 "<== wt_modrdn: pre-read failed!\n" ); 378 if ( op->o_preread & SLAP_CONTROL_CRITICAL ) { 379 /* FIXME: is it correct to abort 380 * operation if control fails? */ 381 goto return_results; 382 } 383 } 384 } 385 386 /* begin transaction */ 387 rc = wc->session->begin_transaction(wc->session, NULL); 388 if( rc ) { 389 Debug( LDAP_DEBUG_TRACE, 390 "wt_modrdn: begin_transaction failed: %s (%d)\n", 391 wiredtiger_strerror(rc), rc ); 392 rs->sr_err = LDAP_OTHER; 393 rs->sr_text = "begin_transaction failed"; 394 goto return_results; 395 } 396 wc->is_begin_transaction = 1; 397 Debug( LDAP_DEBUG_TRACE, 398 "wt_modrdn: session id: %p\n", wc->session ); 399 400 /* delete old DN */ 401 rc = wt_dn2id_delete( op, wc, &e->e_nname); 402 if ( rc ) { 403 Debug(LDAP_DEBUG_TRACE, 404 "<== wt_modrdn: delete failed: %s (%d)\n", 405 wiredtiger_strerror(rc), rc ); 406 rs->sr_err = LDAP_OTHER; 407 rs->sr_text = "dn2id delete failed"; 408 goto return_results; 409 } 410 411 /* copy the entry, then override some fields */ 412 dummy = *e; 413 dummy.e_name = new_dn; 414 dummy.e_nname = new_ndn; 415 dummy.e_attrs = NULL; 416 417 /* add new DN */ 418 rc = wt_dn2id_add( op, wc, np?np->e_id:p->e_id, &dummy ); 419 if ( rc ) { 420 Debug(LDAP_DEBUG_TRACE, 421 "<== wt_modrdn: add failed: %s (%d)\n", 422 wiredtiger_strerror(rc), rc ); 423 rs->sr_err = LDAP_OTHER; 424 rs->sr_text = "DN add failed"; 425 goto return_results; 426 } 427 dummy.e_attrs = e->e_attrs; 428 429 rc = wt_modify_internal( op, wc, op->orm_modlist, 430 &dummy, &rs->sr_text, textbuf, textlen ); 431 if( rc != LDAP_SUCCESS ) { 432 Debug(LDAP_DEBUG_TRACE, 433 "<== wt_modrdn: modify failed: %s (%d)\n", 434 wiredtiger_strerror(rc), rc ); 435 if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL; 436 goto return_results; 437 } 438 439 /* update entry */ 440 rc = wt_id2entry_update( op, wc, &dummy ); 441 if ( rc != 0 ) { 442 Debug( LDAP_DEBUG_TRACE, 443 "wt_modrdn: id2entry update failed(%d)\n", rc ); 444 if ( rc == LDAP_ADMINLIMIT_EXCEEDED ) { 445 rs->sr_text = "entry too big"; 446 } else { 447 rs->sr_err = LDAP_OTHER; 448 rs->sr_text = "entry update failed"; 449 } 450 goto return_results; 451 } 452 453 if ( p_ndn.bv_len != 0 ) { 454 parent_is_glue = is_entry_glue(p); 455 /* TODO: glue entry handling */ 456 } 457 458 if( op->o_postread ) { 459 if( postread_ctrl == NULL ) { 460 postread_ctrl = &ctrls[num_ctrls++]; 461 ctrls[num_ctrls] = NULL; 462 } 463 if( slap_read_controls( op, rs, &dummy, 464 &slap_post_read_bv, postread_ctrl ) ) 465 { 466 Debug( LDAP_DEBUG_TRACE, 467 "<== wt_modrdn: post-read failed!\n" ); 468 if ( op->o_postread & SLAP_CONTROL_CRITICAL ) { 469 /* FIXME: is it correct to abort 470 * operation if control fails? */ 471 goto return_results; 472 } 473 } 474 } 475 476 if( op->o_noop ) { 477 rs->sr_err = LDAP_X_NO_OPERATION; 478 goto return_results; 479 } 480 481 rc = wc->session->commit_transaction(wc->session, NULL); 482 wc->is_begin_transaction = 0; 483 if( rc ) { 484 Debug( LDAP_DEBUG_TRACE, 485 "<== wt_modrdn: commit failed: %s (%d)\n", 486 wiredtiger_strerror(rc), rc ); 487 rs->sr_err = LDAP_OTHER; 488 rs->sr_text = "commit failed"; 489 goto return_results; 490 } 491 492 Debug(LDAP_DEBUG_TRACE, 493 "wt_modrdn: rdn modified%s id=%08lx dn=\"%s\"\n", 494 op->o_noop ? " (no-op)" : "", 495 dummy.e_id, op->o_req_dn.bv_val ); 496 497 rs->sr_err = LDAP_SUCCESS; 498 rs->sr_text = NULL; 499 if( num_ctrls ) rs->sr_ctrls = ctrls; 500 501 return_results: 502 if ( dummy.e_attrs ) { 503 attrs_free( dummy.e_attrs ); 504 } 505 send_ldap_result( op, rs ); 506 507 if ( rs->sr_err == LDAP_SUCCESS && parent_is_glue && parent_is_leaf ) { 508 op->o_delete_glue_parent = 1; 509 } 510 511 done: 512 if( wc && wc->is_begin_transaction ){ 513 Debug( LDAP_DEBUG_TRACE, "wt_modrdn: rollback transaction\n" ); 514 wc->session->rollback_transaction(wc->session, NULL); 515 wc->is_begin_transaction = 0; 516 } 517 518 slap_graduate_commit_csn( op ); 519 520 if( new_dn.bv_val != NULL ) free( new_dn.bv_val ); 521 if( new_ndn.bv_val != NULL ) free( new_ndn.bv_val ); 522 523 /* free entry */ 524 if( e != NULL ) { 525 wt_entry_return( e ); 526 } 527 /* free parent entry */ 528 if( p != NULL ) { 529 wt_entry_return( p ); 530 } 531 /* free new entry */ 532 if( ne != NULL ) { 533 wt_entry_return( ne ); 534 } 535 /* free new parent entry */ 536 if( np != NULL ) { 537 wt_entry_return( np ); 538 } 539 540 if( preread_ctrl != NULL && (*preread_ctrl) != NULL ) { 541 slap_sl_free( (*preread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); 542 slap_sl_free( *preread_ctrl, op->o_tmpmemctx ); 543 } 544 if( postread_ctrl != NULL && (*postread_ctrl) != NULL ) { 545 slap_sl_free( (*postread_ctrl)->ldctl_value.bv_val, op->o_tmpmemctx ); 546 slap_sl_free( *postread_ctrl, op->o_tmpmemctx ); 547 } 548 return rs->sr_err; 549 } 550 551 /* 552 * Local variables: 553 * indent-tabs-mode: t 554 * tab-width: 4 555 * c-basic-offset: 4 556 * End: 557 */ 558
Indexes created Sun Apr 19 00:22:55 UTC 2026