[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6077) Spurious uniqueness errors with filters in unique overlays

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#6077) Spurious uniqueness errors with filters in unique overlays
From: andres@anarazel.de
Date: Sun, 26 Apr 2009 00:22:17 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

This is a multi-part message in MIME format.
--------------080405020304060402030808
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

Fixing this for unique_add seams easy enough (see preliminary attached 
patch) - fixing it for modrdn/modify seems to be another difficulty 
level as in order to properly apply the filter I think the full 
modifications have to be applied...

If wanted I can produce a patch for this as well, but I would like to 
know if that is appreciated and if my plan for fixing looks sensible:
- Pull the "modification simulation" code out of constraint.c (line 
959:1040 and some more in 2.4.16) into constraints.c
- Add a overlay-int.h
- Make constraint.c and unique.c use that

As I dont really know the openldap codebase my analysis could be 
completely wrong - I would appreciate some feedback.

Andres



--------------080405020304060402030808
Content-Type: text/x-diff;
 name="slapd-unique-overlay-spurious-failure-fix-add.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="slapd-unique-overlay-spurious-failure-fix-add.patch"

--- openldap-2.4.16.saved/servers/slapd/overlays/unique.c	2009-04-23 23:51:37.925387747 +0200
+++ openldap-2.4.16/servers/slapd/overlays/unique.c	2009-04-26 01:58:54.566927667 +0200
@@ -1071,6 +1071,24 @@
 			     && !dnIsSuffix( &op->o_req_ndn, &uri->ndn ))
 				continue;
 
+			if (uri->filter.bv_val && uri->filter.bv_len){
+				Filter *f = str2filter_x(op,
+							 uri->filter.bv_val);
+				if(f == NULL) {
+					op->o_bd->bd_info = (BackendInfo *) on->on_info;
+					send_ldap_error(op, rs, LDAP_OTHER,
+							"unique_search invalid filter");
+					return(rs->sr_err);
+				}
+
+				if(test_filter(NULL, op->ora_e, f) == LDAP_COMPARE_FALSE){
+					Debug(LDAP_DEBUG_TRACE, "==> unique_add_skip<%s>\n",
+					      op->o_req_dn.bv_val, 0, 0);
+					continue;
+				}
+				filter_free_x(op, f, 1);
+			}
+
 			if(!(a = op->ora_e->e_attrs)) {
 				op->o_bd->bd_info = (BackendInfo *) on->on_info;
 				send_ldap_error(op, rs, LDAP_INVALID_SYNTAX,

--------------080405020304060402030808--

Prev by Date: Re: (ITS#6076) slapo-collect: slapd repeatable segfaults caused by deletion of a single olcCollectInfo config value (when olcCollectInfo contains multiple configuration values)
Next by Date: (ITS#6078) Slapd.exe crashes when writing entries while reading many entries.
Index(es):
- Chronological
- Thread