On Wed, Sep 12, 2012 at 12:35:25PM +0200, Petr Spacek wrote:
Hello,
There is a fix for LDAP operation selection logic in ldap_modify_do().
Each operation code in LDAPMod structure can be ORed
with LDAP_MOD_BVALUES.
Ack
From ab11e62ec2496f2c7245c4d8d80c2fd189b68aa9 Mon Sep 17 00:00:00 2001
From: Petr Spacek pspa...@redhat.com
Date: Tue, 11 Sep 2012 16:23:18 +0200
Subject: [PATCH] Fix LDAP operation selection logic in ldap_modify_do().
Each operation code in LDAPMod structure can be ORed
with LDAP_MOD_BVALUES.
Signed-off-by: Petr Spacek pspa...@redhat.com
---
src/ldap_helper.c | 29 +
1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index
058048f41485999be0d8ffeadea02f2e25879370..d9c7ce5d84c3944a86ff1865ff6be073ddc294c8
100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -2149,33 +2149,38 @@ ldap_modify_do(ldap_instance_t *ldap_inst,
ldap_connection_t *ldap_conn,
CHECK(ldap_connect(ldap_inst, ldap_conn, ISC_FALSE));
}
+ /* Any mod_op can be ORed with LDAP_MOD_BVALUES. */
+ if ((mods[0]-mod_op ~LDAP_MOD_BVALUES) == LDAP_MOD_ADD)
+ operation_str = modifying(add);
+ else if ((mods[0]-mod_op ~LDAP_MOD_BVALUES) == LDAP_MOD_DELETE)
+ operation_str = modifying(del);
+ else if ((mods[0]-mod_op ~LDAP_MOD_BVALUES) == LDAP_MOD_REPLACE)
+ operation_str = modifying(replace);
+ else {
+ operation_str = modifying(unknown operation);
+ log_bug(%s: 0x%x, operation_str, mods[0]-mod_op);
+ CHECK(ISC_R_NOTIMPLEMENTED);
+ }
+
if (delete_node) {
log_debug(2, deleting whole node: '%s', dn);
ret = ldap_delete_ext_s(ldap_conn-handle, dn, NULL, NULL);
} else {
- log_debug(2, writing to '%s', dn);
+ log_debug(2, writing to '%s': %s, dn, operation_str);
ret = ldap_modify_ext_s(ldap_conn-handle, dn, mods, NULL,
NULL);
}
result = (ret == LDAP_SUCCESS) ? ISC_R_SUCCESS : ISC_R_FAILURE;
if (ret == LDAP_SUCCESS)
goto cleanup;
- if (mods[0]-mod_op == LDAP_MOD_ADD)
- operation_str = modifying(add);
- else if (mods[0]-mod_op == LDAP_MOD_DELETE)
- operation_str = modifying(del);
- else {
- operation_str = modifying(unknown operation);
- CHECK(ISC_R_NOTIMPLEMENTED);
- }
-
LDAP_OPT_CHECK(ldap_get_option(ldap_conn-handle, LDAP_OPT_RESULT_CODE,
err_code), ldap_modify_do(%s) failed to obtain ldap
error code,
operation_str);
/* If there is no object yet, create it with an ldap add operation. */
- if (mods[0]-mod_op == LDAP_MOD_ADD err_code == LDAP_NO_SUCH_OBJECT)
{
+ if ((mods[0]-mod_op ~LDAP_MOD_BVALUES) == LDAP_MOD_ADD
+ err_code == LDAP_NO_SUCH_OBJECT) {
int i;
LDAPMod **new_mods;
char *obj_str[] = { idnsRecord, NULL };
@@ -2211,7 +2216,7 @@ ldap_modify_do(ldap_instance_t *ldap_inst,
ldap_connection_t *ldap_conn,
/* do not error out if we are trying to delete an
* unexisting attribute */
- if (mods[0]-mod_op != LDAP_MOD_DELETE ||
+ if ((mods[0]-mod_op ~LDAP_MOD_BVALUES) != LDAP_MOD_DELETE ||
err_code != LDAP_NO_SUCH_ATTRIBUTE) {
result = ISC_R_FAILURE;
}
--
1.7.11.4
--
Adam Tkac, Red Hat, Inc.
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel