LCOV - code coverage report
Current view: top level - lib/ldb/modules - rdn_name.c (source / functions) Hit Total Coverage
Test: coverage report for fix-15632 9995c5c2 Lines: 179 289 61.9 %
Date: 2024-04-13 12:30:31 Functions: 8 9 88.9 %

          Line data    Source code
       1             : /*
       2             :    ldb database library
       3             : 
       4             :    Copyright (C) Andrew Bartlett 2005-2009
       5             :    Copyright (C) Simo Sorce 2006-2008
       6             : 
       7             :      ** NOTE! The following LGPL license applies to the ldb
       8             :      ** library. This does NOT imply that all of Samba is released
       9             :      ** under the LGPL
      10             : 
      11             :    This library is free software; you can redistribute it and/or
      12             :    modify it under the terms of the GNU Lesser General Public
      13             :    License as published by the Free Software Foundation; either
      14             :    version 3 of the License, or (at your option) any later version.
      15             : 
      16             :    This library is distributed in the hope that it will be useful,
      17             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      18             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      19             :    Lesser General Public License for more details.
      20             : 
      21             :    You should have received a copy of the GNU Lesser General Public
      22             :    License along with this library; if not, see <http://www.gnu.org/licenses/>.
      23             : */
      24             : 
      25             : /*
      26             :  *  Name: rdn_name
      27             :  *
      28             :  *  Component: ldb rdn name module
      29             :  *
      30             :  *  Description: keep a consistent name attribute on objects manpulations
      31             :  *
      32             :  *  Author: Andrew Bartlett
      33             :  *
      34             :  *  Modifications:
      35             :  *    - made the module async
      36             :  *      Simo Sorce Mar 2006
      37             :  */
      38             : 
      39             : #include "replace.h"
      40             : #include "system/filesys.h"
      41             : #include "system/time.h"
      42             : #include "ldb_module.h"
      43             : 
      44             : struct rename_context {
      45             :         struct ldb_module *module;
      46             :         struct ldb_request *req;
      47             : 
      48             :         struct ldb_reply *ares;
      49             : };
      50             : 
      51      677003 : static int rdn_name_add_callback(struct ldb_request *req,
      52             :                                  struct ldb_reply *ares)
      53             : {
      54       83911 :         struct rename_context *ac;
      55             : 
      56      677003 :         ac = talloc_get_type(req->context, struct rename_context);
      57             : 
      58      677003 :         if (!ares) {
      59           0 :                 return ldb_module_done(ac->req, NULL, NULL,
      60             :                                         LDB_ERR_OPERATIONS_ERROR);
      61             :         }
      62             : 
      63      677003 :         if (ares->type == LDB_REPLY_REFERRAL) {
      64           0 :                 return ldb_module_send_referral(ac->req, ares->referral);
      65             :         }
      66             : 
      67      677003 :         if (ares->error != LDB_SUCCESS) {
      68         362 :                 return ldb_module_done(ac->req, ares->controls,
      69             :                                         ares->response, ares->error);
      70             :         }
      71             : 
      72      676641 :         if (ares->type != LDB_REPLY_DONE) {
      73           0 :                 return ldb_module_done(ac->req, NULL, NULL,
      74             :                                         LDB_ERR_OPERATIONS_ERROR);
      75             :         }
      76             : 
      77      676641 :         return ldb_module_done(ac->req, ares->controls,
      78             :                                         ares->response, LDB_SUCCESS);
      79             : }
      80             : 
      81      685955 : static int rdn_name_add(struct ldb_module *module, struct ldb_request *req)
      82             : {
      83       83986 :         struct ldb_context *ldb;
      84       83986 :         struct ldb_request *down_req;
      85       83986 :         struct rename_context *ac;
      86       83986 :         struct ldb_message *msg;
      87       83986 :         struct ldb_message_element *attribute;
      88       83986 :         const struct ldb_schema_attribute *a;
      89       83986 :         const char *rdn_name;
      90       83986 :         const struct ldb_val *rdn_val_p;
      91       83986 :         struct ldb_val rdn_val;
      92       83986 :         unsigned int i;
      93       83986 :         int ret;
      94             : 
      95      685955 :         ldb = ldb_module_get_ctx(module);
      96             : 
      97             :         /* do not manipulate our control entries */
      98      685955 :         if (ldb_dn_is_special(req->op.add.message->dn)) {
      99        8951 :                 return ldb_next_request(module, req);
     100             :         }
     101             : 
     102      677004 :         ac = talloc_zero(req, struct rename_context);
     103      677004 :         if (ac == NULL) {
     104           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     105             :         }
     106             : 
     107      677004 :         ac->module = module;
     108      677004 :         ac->req = req;
     109             : 
     110      677004 :         msg = ldb_msg_copy_shallow(req, req->op.add.message);
     111      677004 :         if (msg == NULL) {
     112           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     113             :         }
     114             : 
     115      677004 :         rdn_name = ldb_dn_get_rdn_name(msg->dn);
     116      677004 :         if (rdn_name == NULL) {
     117           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     118             :         }
     119             : 
     120      677004 :         rdn_val_p = ldb_dn_get_rdn_val(msg->dn);
     121      677004 :         if (rdn_val_p == NULL) {
     122           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     123             :         }
     124      677004 :         if (rdn_val_p->length == 0) {
     125           0 :                 ldb_asprintf_errstring(ldb, "Empty RDN value on %s not permitted!",
     126           0 :                                        ldb_dn_get_linearized(req->op.add.message->dn));
     127           0 :                 return LDB_ERR_INVALID_DN_SYNTAX;
     128             :         }
     129      677004 :         rdn_val = ldb_val_dup(msg, rdn_val_p);
     130             : 
     131             :         /* Perhaps someone above us tried to set this? Then ignore it */
     132      677004 :         ldb_msg_remove_attr(msg, "name");
     133             : 
     134      677004 :         ret = ldb_msg_add_value(msg, "name", &rdn_val, NULL);
     135      677004 :         if (ret != LDB_SUCCESS) {
     136           0 :                 return ret;
     137             :         }
     138             : 
     139      677004 :         a = ldb_schema_attribute_by_name(ldb, rdn_name);
     140      677004 :         if (a == NULL) {
     141           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     142             :         }
     143             : 
     144      677004 :         attribute = ldb_msg_find_element(msg, rdn_name);
     145      677004 :         if (!attribute) {
     146             :                 /* add entry with normalised RDN information if possible */
     147      444147 :                 if (a->name != NULL && strcmp(a->name, "*") != 0) {
     148      444145 :                         ret = ldb_msg_add_value(msg, a->name, &rdn_val, NULL);
     149             :                 } else {
     150           2 :                         ret = ldb_msg_add_value(msg, rdn_name, &rdn_val, NULL);
     151             :                 }
     152      444147 :                 if (ret != LDB_SUCCESS) {
     153           0 :                         return ret;
     154             :                 }
     155             :         } else {
     156             :                 /* normalise attribute name if possible */
     157      232857 :                 if (a->name != NULL && strcmp(a->name, "*") != 0) {
     158      232851 :                         attribute->name = a->name;
     159             :                 }
     160             :                 /* normalise attribute value */
     161      232862 :                 for (i = 0; i < attribute->num_values; i++) {
     162       39197 :                         bool matched;
     163      232861 :                         if (a->syntax->operator_fn) {
     164           0 :                                 ret = a->syntax->operator_fn(ldb, LDB_OP_EQUALITY, a,
     165           0 :                                                              &rdn_val, &attribute->values[i], &matched);
     166           0 :                                 if (ret != LDB_SUCCESS) return ret;
     167             :                         } else {
     168      465722 :                                 matched = (a->syntax->comparison_fn(ldb, msg,
     169      232861 :                                                                     &rdn_val, &attribute->values[i]) == 0);
     170             :                         }
     171      232861 :                         if (matched) {
     172             :                                 /* overwrite so it matches in case */
     173      232856 :                                 attribute->values[i] = rdn_val;
     174      232856 :                                 break;
     175             :                         }
     176             :                 }
     177      232857 :                 if (i == attribute->num_values) {
     178           1 :                         char *rdn_errstring = talloc_asprintf(ac,
     179             :                                 "RDN mismatch on %s: %s (%.*s) should match one of:",
     180             :                                 ldb_dn_get_linearized(msg->dn), rdn_name,
     181           1 :                                 (int)rdn_val.length, (const char *)rdn_val.data);
     182           2 :                         for (i = 0; i < attribute->num_values; i++) {
     183           1 :                                 talloc_asprintf_addbuf(
     184             :                                         &rdn_errstring, " (%.*s)",
     185           1 :                                         (int)attribute->values[i].length,
     186           1 :                                         (const char *)attribute->values[i].data);
     187             :                         }
     188           1 :                         ldb_set_errstring(ldb, rdn_errstring);
     189             :                         /* Match AD's error here */
     190           1 :                         return LDB_ERR_INVALID_DN_SYNTAX;
     191             :                 }
     192             :         }
     193             : 
     194      677003 :         ret = ldb_build_add_req(&down_req, ldb, req,
     195             :                                 msg,
     196             :                                 req->controls,
     197             :                                 ac, rdn_name_add_callback,
     198             :                                 req);
     199      677003 :         if (ret != LDB_SUCCESS) {
     200           0 :                 return ret;
     201             :         }
     202             : 
     203      677003 :         talloc_steal(down_req, msg);
     204             : 
     205             :         /* go on with the call chain */
     206      677003 :         return ldb_next_request(module, down_req);
     207             : }
     208             : 
     209        1572 : static int rdn_modify_callback(struct ldb_request *req, struct ldb_reply *ares)
     210             : {
     211          14 :         struct rename_context *ac;
     212             : 
     213        1572 :         ac = talloc_get_type(req->context, struct rename_context);
     214             : 
     215        1572 :         if (!ares) {
     216           0 :                 return ldb_module_done(ac->req, NULL, NULL,
     217             :                                         LDB_ERR_OPERATIONS_ERROR);
     218             :         }
     219             : 
     220        1572 :         if (ares->type == LDB_REPLY_REFERRAL) {
     221           0 :                 return ldb_module_send_referral(ac->req, ares->referral);
     222             :         }
     223             : 
     224        1572 :         if (ares->error != LDB_SUCCESS) {
     225           0 :                 return ldb_module_done(ac->req, ares->controls,
     226             :                                         ares->response, ares->error);
     227             :         }
     228             : 
     229             :         /* the only supported reply right now is a LDB_REPLY_DONE */
     230        1572 :         if (ares->type != LDB_REPLY_DONE) {
     231           0 :                 return ldb_module_done(ac->req, NULL, NULL,
     232             :                                         LDB_ERR_OPERATIONS_ERROR);
     233             :         }
     234             : 
     235             :         /* send saved controls eventually */
     236        1572 :         return ldb_module_done(ac->req, ac->ares->controls,
     237        1572 :                                 ac->ares->response, LDB_SUCCESS);
     238             : }
     239             : 
     240        1651 : static int rdn_rename_callback(struct ldb_request *req, struct ldb_reply *ares)
     241             : {
     242          14 :         struct ldb_context *ldb;
     243          14 :         struct rename_context *ac;
     244          14 :         struct ldb_request *mod_req;
     245          14 :         const char *rdn_name;
     246        1651 :         const struct ldb_schema_attribute *a = NULL;
     247          14 :         const struct ldb_val *rdn_val_p;
     248          14 :         struct ldb_val rdn_val;
     249          14 :         struct ldb_message *msg;
     250          14 :         int ret;
     251             : 
     252        1651 :         ac = talloc_get_type(req->context, struct rename_context);
     253        1651 :         ldb = ldb_module_get_ctx(ac->module);
     254             : 
     255        1651 :         if (!ares) {
     256           0 :                 goto error;
     257             :         }
     258             : 
     259        1651 :         if (ares->type == LDB_REPLY_REFERRAL) {
     260           0 :                 return ldb_module_send_referral(ac->req, ares->referral);
     261             :         }
     262             : 
     263        1651 :         if (ares->error != LDB_SUCCESS) {
     264          78 :                 return ldb_module_done(ac->req, ares->controls,
     265             :                                         ares->response, ares->error);
     266             :         }
     267             : 
     268             :         /* the only supported reply right now is a LDB_REPLY_DONE */
     269        1573 :         if (ares->type != LDB_REPLY_DONE) {
     270           0 :                 goto error;
     271             :         }
     272             : 
     273             :         /* save reply for caller */
     274        1573 :         ac->ares = talloc_steal(ac, ares);
     275             : 
     276        1573 :         msg = ldb_msg_new(ac);
     277        1573 :         if (msg == NULL) {
     278           0 :                 goto error;
     279             :         }
     280        1573 :         msg->dn = ldb_dn_copy(msg, ac->req->op.rename.newdn);
     281        1573 :         if (msg->dn == NULL) {
     282           0 :                 goto error;
     283             :         }
     284             : 
     285        1573 :         rdn_name = ldb_dn_get_rdn_name(ac->req->op.rename.newdn);
     286        1573 :         if (rdn_name == NULL) {
     287           0 :                 goto error;
     288             :         }
     289             : 
     290        1573 :         a = ldb_schema_attribute_by_name(ldb, rdn_name);
     291        1573 :         if (a == NULL) {
     292           0 :                 goto error;
     293             :         }
     294             : 
     295        1573 :         if (a->name != NULL && strcmp(a->name, "*") != 0) {
     296        1573 :                 rdn_name = a->name;
     297             :         }
     298             : 
     299        1573 :         rdn_val_p = ldb_dn_get_rdn_val(msg->dn);
     300        1573 :         if (rdn_val_p == NULL) {
     301           0 :                 goto error;
     302             :         }
     303        1573 :         if (rdn_val_p->length == 0) {
     304           1 :                 ldb_asprintf_errstring(ldb, "Empty RDN value on %s not permitted!",
     305             :                                        ldb_dn_get_linearized(req->op.rename.olddn));
     306           1 :                 return ldb_module_done(ac->req, NULL, NULL,
     307             :                                        LDB_ERR_NAMING_VIOLATION);
     308             :         }
     309        1572 :         rdn_val = ldb_val_dup(msg, rdn_val_p);
     310             : 
     311        1572 :         if (ldb_msg_append_value(msg, rdn_name, &rdn_val, LDB_FLAG_MOD_REPLACE) != 0) {
     312           0 :                 goto error;
     313             :         }
     314        1572 :         if (ldb_msg_append_value(msg, "name", &rdn_val, LDB_FLAG_MOD_REPLACE) != 0) {
     315           0 :                 goto error;
     316             :         }
     317             : 
     318        1572 :         ret = ldb_build_mod_req(&mod_req, ldb,
     319             :                                 ac, msg, NULL,
     320             :                                 ac, rdn_modify_callback,
     321             :                                 req);
     322        1572 :         if (ret != LDB_SUCCESS) {
     323           0 :                 return ldb_module_done(ac->req, NULL, NULL, ret);
     324             :         }
     325        1572 :         talloc_steal(mod_req, msg);
     326             : 
     327             :         /* go on with the call chain */
     328        1572 :         return ldb_next_request(ac->module, mod_req);
     329             : 
     330           0 : error:
     331           0 :         return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR);
     332             : }
     333             : 
     334        1651 : static int rdn_name_rename(struct ldb_module *module, struct ldb_request *req)
     335             : {
     336          14 :         struct ldb_context *ldb;
     337          14 :         struct rename_context *ac;
     338          14 :         struct ldb_request *down_req;
     339          14 :         int ret;
     340             : 
     341        1651 :         ldb = ldb_module_get_ctx(module);
     342             : 
     343             :         /* do not manipulate our control entries */
     344        1651 :         if (ldb_dn_is_special(req->op.rename.newdn)) {
     345           0 :                 return ldb_next_request(module, req);
     346             :         }
     347             : 
     348        1651 :         ac = talloc_zero(req, struct rename_context);
     349        1651 :         if (ac == NULL) {
     350           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     351             :         }
     352             : 
     353        1651 :         ac->module = module;
     354        1651 :         ac->req = req;
     355             : 
     356        1651 :         ret = ldb_build_rename_req(&down_req,
     357             :                                    ldb,
     358             :                                    ac,
     359             :                                    req->op.rename.olddn,
     360             :                                    req->op.rename.newdn,
     361             :                                    req->controls,
     362             :                                    ac,
     363             :                                    rdn_rename_callback,
     364             :                                    req);
     365             : 
     366        1651 :         if (ret != LDB_SUCCESS) {
     367           0 :                 return ret;
     368             :         }
     369             : 
     370             :         /* rename first, modify "name" if rename is ok */
     371        1651 :         return ldb_next_request(module, down_req);
     372             : }
     373             : 
     374           0 : static int rdn_recalculate_callback(struct ldb_request *req, struct ldb_reply *ares)
     375             : {
     376           0 :         struct ldb_request *up_req = talloc_get_type(req->context, struct ldb_request);
     377             : 
     378           0 :         talloc_steal(up_req, req);
     379           0 :         return up_req->callback(up_req, ares);
     380             : }
     381             : 
     382      659923 : static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req)
     383             : {
     384       27848 :         struct ldb_context *ldb;
     385       27848 :         const struct ldb_val *rdn_val_p;
     386      659923 :         struct ldb_message_element *e = NULL;
     387      659923 :         struct ldb_control *recalculate_rdn_control = NULL;
     388             : 
     389      659923 :         ldb = ldb_module_get_ctx(module);
     390             : 
     391             :         /* do not manipulate our control entries */
     392      659923 :         if (ldb_dn_is_special(req->op.mod.message->dn)) {
     393         746 :                 return ldb_next_request(module, req);
     394             :         }
     395             : 
     396      659177 :         recalculate_rdn_control = ldb_request_get_control(req,
     397             :                                         LDB_CONTROL_RECALCULATE_RDN_OID);
     398      659177 :         if (recalculate_rdn_control != NULL) {
     399           0 :                 struct ldb_message *msg = NULL;
     400           0 :                 const char *rdn_name = NULL;
     401           0 :                 struct ldb_val rdn_val;
     402           0 :                 const struct ldb_schema_attribute *a = NULL;
     403           0 :                 struct ldb_request *mod_req = NULL;
     404           0 :                 int ret;
     405           0 :                 struct ldb_message_element *rdn_del = NULL;
     406           0 :                 struct ldb_message_element *name_del = NULL;
     407             : 
     408           0 :                 recalculate_rdn_control->critical = false;
     409             : 
     410           0 :                 msg = ldb_msg_copy_shallow(req, req->op.mod.message);
     411           0 :                 if (msg == NULL) {
     412           0 :                         return ldb_module_oom(module);
     413             :                 }
     414             : 
     415             :                 /*
     416             :                  * The caller must pass a dummy 'name' attribute
     417             :                  * in order to bypass some high level checks.
     418             :                  *
     419             :                  * We just remove it and check nothing is left.
     420             :                  */
     421           0 :                 ldb_msg_remove_attr(msg, "name");
     422             : 
     423           0 :                 if (msg->num_elements != 0) {
     424           0 :                         return ldb_module_operr(module);
     425             :                 }
     426             : 
     427           0 :                 rdn_name = ldb_dn_get_rdn_name(msg->dn);
     428           0 :                 if (rdn_name == NULL) {
     429           0 :                         return ldb_module_oom(module);
     430             :                 }
     431             : 
     432           0 :                 a = ldb_schema_attribute_by_name(ldb, rdn_name);
     433           0 :                 if (a == NULL) {
     434           0 :                         return ldb_module_operr(module);
     435             :                 }
     436             : 
     437           0 :                 if (a->name != NULL && strcmp(a->name, "*") != 0) {
     438           0 :                         rdn_name = a->name;
     439             :                 }
     440             : 
     441           0 :                 rdn_val_p = ldb_dn_get_rdn_val(msg->dn);
     442           0 :                 if (rdn_val_p == NULL) {
     443           0 :                         return ldb_module_oom(module);
     444             :                 }
     445           0 :                 rdn_val = ldb_val_dup(msg, rdn_val_p);
     446           0 :                 if (rdn_val.length == 0) {
     447           0 :                         return ldb_module_oom(module);
     448             :                 }
     449             : 
     450             :                 /*
     451             :                  * This is a bit tricky:
     452             :                  *
     453             :                  * We want _DELETE elements (as "rdn_del" and "name_del" without
     454             :                  * values) first, followed by _ADD (with the real names)
     455             :                  * elements (with values). Then we fix up the "rdn_del" and
     456             :                  * "name_del" attributes.
     457             :                  */
     458             : 
     459           0 :                 ret = ldb_msg_add_empty(msg, "rdn_del", LDB_FLAG_MOD_DELETE, NULL);
     460           0 :                 if (ret != 0) {
     461           0 :                         return ldb_module_oom(module);
     462             :                 }
     463           0 :                 ret = ldb_msg_append_value(msg, rdn_name, &rdn_val, LDB_FLAG_MOD_ADD);
     464           0 :                 if (ret != 0) {
     465           0 :                         return ldb_module_oom(module);
     466             :                 }
     467             : 
     468           0 :                 ret = ldb_msg_add_empty(msg, "name_del", LDB_FLAG_MOD_DELETE, NULL);
     469           0 :                 if (ret != 0) {
     470           0 :                         return ldb_module_oom(module);
     471             :                 }
     472           0 :                 ret = ldb_msg_append_value(msg, "name", &rdn_val, LDB_FLAG_MOD_ADD);
     473           0 :                 if (ret != 0) {
     474           0 :                         return ldb_module_oom(module);
     475             :                 }
     476             : 
     477           0 :                 rdn_del = ldb_msg_find_element(msg, "rdn_del");
     478           0 :                 if (rdn_del == NULL) {
     479           0 :                         return ldb_module_operr(module);
     480             :                 }
     481           0 :                 rdn_del->name = talloc_strdup(msg->elements, rdn_name);
     482           0 :                 if (rdn_del->name == NULL) {
     483           0 :                         return ldb_module_oom(module);
     484             :                 }
     485           0 :                 name_del = ldb_msg_find_element(msg, "name_del");
     486           0 :                 if (name_del == NULL) {
     487           0 :                         return ldb_module_operr(module);
     488             :                 }
     489           0 :                 name_del->name = talloc_strdup(msg->elements, "name");
     490           0 :                 if (name_del->name == NULL) {
     491           0 :                         return ldb_module_oom(module);
     492             :                 }
     493             : 
     494           0 :                 ret = ldb_build_mod_req(&mod_req, ldb,
     495             :                                         req, msg, NULL,
     496             :                                         req, rdn_recalculate_callback,
     497             :                                         req);
     498           0 :                 if (ret != LDB_SUCCESS) {
     499           0 :                         return ldb_module_done(req, NULL, NULL, ret);
     500             :                 }
     501           0 :                 talloc_steal(mod_req, msg);
     502             : 
     503           0 :                 ret = ldb_request_add_control(mod_req,
     504             :                                               LDB_CONTROL_RECALCULATE_RDN_OID,
     505             :                                               false, NULL);
     506           0 :                 if (ret != LDB_SUCCESS) {
     507           0 :                         return ldb_module_done(req, NULL, NULL, ret);
     508             :                 }
     509           0 :                 ret = ldb_request_add_control(mod_req,
     510             :                                               LDB_CONTROL_PERMISSIVE_MODIFY_OID,
     511             :                                               false, NULL);
     512           0 :                 if (ret != LDB_SUCCESS) {
     513           0 :                         return ldb_module_done(req, NULL, NULL, ret);
     514             :                 }
     515             : 
     516             :                 /* go on with the call chain */
     517           0 :                 return ldb_next_request(module, mod_req);
     518             :         }
     519             : 
     520      659177 :         rdn_val_p = ldb_dn_get_rdn_val(req->op.mod.message->dn);
     521      659177 :         if (rdn_val_p == NULL) {
     522           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     523             :         }
     524      659177 :         if (rdn_val_p->length == 0) {
     525           0 :                 ldb_asprintf_errstring(ldb, "Empty RDN value on %s not permitted!",
     526           0 :                                        ldb_dn_get_linearized(req->op.mod.message->dn));
     527           0 :                 return LDB_ERR_INVALID_DN_SYNTAX;
     528             :         }
     529             : 
     530      659177 :         e = ldb_msg_find_element(req->op.mod.message, "distinguishedName");
     531      659177 :         if (e != NULL) {
     532           3 :                 ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on %s not permitted, must use 'rename' operation instead",
     533           3 :                                        ldb_dn_get_linearized(req->op.mod.message->dn));
     534           3 :                 if (LDB_FLAG_MOD_TYPE(e->flags) == LDB_FLAG_MOD_REPLACE) {
     535           1 :                         return LDB_ERR_CONSTRAINT_VIOLATION;
     536             :                 } else {
     537           2 :                         return LDB_ERR_UNWILLING_TO_PERFORM;
     538             :                 }
     539             :         }
     540             : 
     541      659174 :         if (ldb_msg_find_element(req->op.mod.message, "name")) {
     542           1 :                 ldb_asprintf_errstring(ldb, "Modify of 'name' on %s not permitted, must use 'rename' operation instead",
     543           1 :                                        ldb_dn_get_linearized(req->op.mod.message->dn));
     544           1 :                 return LDB_ERR_NOT_ALLOWED_ON_RDN;
     545             :         }
     546             : 
     547      659173 :         if (ldb_msg_find_element(req->op.mod.message, ldb_dn_get_rdn_name(req->op.mod.message->dn))) {
     548           1 :                 ldb_asprintf_errstring(ldb, "Modify of RDN '%s' on %s not permitted, must use 'rename' operation instead",
     549           1 :                                        ldb_dn_get_rdn_name(req->op.mod.message->dn), ldb_dn_get_linearized(req->op.mod.message->dn));
     550           1 :                 return LDB_ERR_NOT_ALLOWED_ON_RDN;
     551             :         }
     552             : 
     553             :         /* All OK, they kept their fingers out of the special attributes */
     554      659172 :         return ldb_next_request(module, req);
     555             : }
     556             : 
     557    39216462 : static int rdn_name_search(struct ldb_module *module, struct ldb_request *req)
     558             : {
     559     2235920 :         struct ldb_context *ldb;
     560     2235920 :         const char *rdn_name;
     561     2235920 :         const struct ldb_val *rdn_val_p;
     562             : 
     563    39216462 :         ldb = ldb_module_get_ctx(module);
     564             : 
     565             :         /* do not manipulate our control entries */
     566    39216462 :         if (ldb_dn_is_special(req->op.search.base)) {
     567     1319147 :                 return ldb_next_request(module, req);
     568             :         }
     569             : 
     570    37897315 :         rdn_name = ldb_dn_get_rdn_name(req->op.search.base);
     571    37897315 :         rdn_val_p = ldb_dn_get_rdn_val(req->op.search.base);
     572    37897315 :         if ((rdn_name != NULL) && (rdn_val_p == NULL)) {
     573           0 :                 return LDB_ERR_OPERATIONS_ERROR;
     574             :         }
     575    37897315 :         if ((rdn_val_p != NULL) && (rdn_val_p->length == 0)) {
     576           9 :                 ldb_asprintf_errstring(ldb, "Empty RDN value on %s not permitted!",
     577             :                                        ldb_dn_get_linearized(req->op.search.base));
     578           9 :                 return LDB_ERR_INVALID_DN_SYNTAX;
     579             :         }
     580             : 
     581    37897306 :         return ldb_next_request(module, req);
     582             : }
     583             : 
     584             : static const struct ldb_module_ops ldb_rdn_name_module_ops = {
     585             :         .name              = "rdn_name",
     586             :         .add               = rdn_name_add,
     587             :         .modify            = rdn_name_modify,
     588             :         .rename            = rdn_name_rename,
     589             :         .search            = rdn_name_search
     590             : };
     591             : 
     592        6184 : int ldb_rdn_name_init(const char *version)
     593             : {
     594        6184 :         LDB_MODULE_CHECK_VERSION(version);
     595        6184 :         return ldb_register_module(&ldb_rdn_name_module_ops);
     596             : }

Generated by: LCOV version 1.14