|
 |
5873fa |
From f13d630ff98eb5b5505f1db3e7f207175b51b237 Mon Sep 17 00:00:00 2001
|
|
|
5873fa |
From: Mark Reynolds <mreynolds@redhat.com>
|
|
|
5873fa |
Date: Tue, 12 May 2020 13:48:30 -0400
|
|
|
5873fa |
Subject: [PATCH 04/12] Issue 51076 - remove unnecessary slapi entry dups
|
|
|
5873fa |
|
|
|
5873fa |
Description: So the problem is that slapi_search_internal_get_entry()
|
|
|
5873fa |
duplicates the entry twice. It does that as a convenience
|
|
|
5873fa |
where it will allocate a pblock, do the search, copy
|
|
|
5873fa |
the entry, free search results from the pblock, and then
|
|
|
5873fa |
free the pblock itself. I basically split this function
|
|
|
5873fa |
into two functions. One function allocates the pblock,
|
|
|
5873fa |
does the search and returns the entry. The other function
|
|
|
5873fa |
frees the entries and pblock.
|
|
|
5873fa |
|
|
|
5873fa |
99% of time when we call slapi_search_internal_get_entry()
|
|
|
5873fa |
we are just reading it and freeing it. It's not being
|
|
|
5873fa |
consumed. In these cases we can use the two function
|
|
|
5873fa |
approach eliminates an extra slapi_entry_dup(). Over the
|
|
|
5873fa |
time of an operation/connection we can save quite a bit
|
|
|
5873fa |
of mallocing/freeing. This could also help with memory
|
|
|
5873fa |
fragmentation.
|
|
|
5873fa |
|
|
|
5873fa |
ASAN: passed
|
|
|
5873fa |
|
|
|
5873fa |
relates: https://pagure.io/389-ds-base/issue/51076
|
|
|
5873fa |
|
|
|
5873fa |
Reviewed by: firstyear & tbordaz(Thanks!)
|
|
|
5873fa |
---
|
|
|
5873fa |
ldap/servers/plugins/acctpolicy/acct_config.c | 6 +--
|
|
|
5873fa |
ldap/servers/plugins/acctpolicy/acct_plugin.c | 36 +++++++-------
|
|
|
5873fa |
ldap/servers/plugins/acctpolicy/acct_util.c | 6 +--
|
|
|
5873fa |
ldap/servers/plugins/automember/automember.c | 17 +++----
|
|
|
5873fa |
ldap/servers/plugins/dna/dna.c | 23 ++++-----
|
|
|
5873fa |
ldap/servers/plugins/memberof/memberof.c | 16 +++----
|
|
|
5873fa |
.../plugins/pam_passthru/pam_ptconfig.c | 10 ++--
|
|
|
5873fa |
.../servers/plugins/pam_passthru/pam_ptimpl.c | 7 +--
|
|
|
5873fa |
.../plugins/pam_passthru/pam_ptpreop.c | 9 ++--
|
|
|
5873fa |
.../plugins/replication/repl5_tot_protocol.c | 5 +-
|
|
|
5873fa |
ldap/servers/plugins/uiduniq/uid.c | 23 ++++-----
|
|
|
5873fa |
ldap/servers/slapd/daemon.c | 11 ++---
|
|
|
5873fa |
ldap/servers/slapd/modify.c | 12 +++--
|
|
|
5873fa |
ldap/servers/slapd/plugin_internal_op.c | 48 +++++++++++++++++++
|
|
|
5873fa |
ldap/servers/slapd/resourcelimit.c | 13 ++---
|
|
|
5873fa |
ldap/servers/slapd/schema.c | 7 ++-
|
|
|
5873fa |
ldap/servers/slapd/slapi-plugin.h | 23 ++++++++-
|
|
|
5873fa |
17 files changed, 161 insertions(+), 111 deletions(-)
|
|
|
5873fa |
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/acctpolicy/acct_config.c b/ldap/servers/plugins/acctpolicy/acct_config.c
|
|
|
5873fa |
index fe35ba5a0..01e4f319f 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/acctpolicy/acct_config.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/acctpolicy/acct_config.c
|
|
|
5873fa |
@@ -37,6 +37,7 @@ static int acct_policy_entry2config(Slapi_Entry *e,
|
|
|
5873fa |
int
|
|
|
5873fa |
acct_policy_load_config_startup(Slapi_PBlock *pb __attribute__((unused)), void *plugin_id)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
acctPluginCfg *newcfg;
|
|
|
5873fa |
Slapi_Entry *config_entry = NULL;
|
|
|
5873fa |
Slapi_DN *config_sdn = NULL;
|
|
|
5873fa |
@@ -44,8 +45,7 @@ acct_policy_load_config_startup(Slapi_PBlock *pb __attribute__((unused)), void *
|
|
|
5873fa |
|
|
|
5873fa |
/* Retrieve the config entry */
|
|
|
5873fa |
config_sdn = slapi_sdn_new_normdn_byref(PLUGIN_CONFIG_DN);
|
|
|
5873fa |
- rc = slapi_search_internal_get_entry(config_sdn, NULL, &config_entry,
|
|
|
5873fa |
- plugin_id);
|
|
|
5873fa |
+ rc = slapi_search_get_entry(&entry_pb, config_sdn, NULL, &config_entry, plugin_id);
|
|
|
5873fa |
slapi_sdn_free(&config_sdn);
|
|
|
5873fa |
|
|
|
5873fa |
if (rc != LDAP_SUCCESS || config_entry == NULL) {
|
|
|
5873fa |
@@ -60,7 +60,7 @@ acct_policy_load_config_startup(Slapi_PBlock *pb __attribute__((unused)), void *
|
|
|
5873fa |
rc = acct_policy_entry2config(config_entry, newcfg);
|
|
|
5873fa |
config_unlock();
|
|
|
5873fa |
|
|
|
5873fa |
- slapi_entry_free(config_entry);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
return (rc);
|
|
|
5873fa |
}
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/acctpolicy/acct_plugin.c b/ldap/servers/plugins/acctpolicy/acct_plugin.c
|
|
|
5873fa |
index 2a876ad72..c3c32b074 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/acctpolicy/acct_plugin.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/acctpolicy/acct_plugin.c
|
|
|
5873fa |
@@ -209,6 +209,7 @@ done:
|
|
|
5873fa |
int
|
|
|
5873fa |
acct_bind_preop(Slapi_PBlock *pb)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
const char *dn = NULL;
|
|
|
5873fa |
Slapi_DN *sdn = NULL;
|
|
|
5873fa |
Slapi_Entry *target_entry = NULL;
|
|
|
5873fa |
@@ -236,8 +237,7 @@ acct_bind_preop(Slapi_PBlock *pb)
|
|
|
5873fa |
goto done;
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
- ldrc = slapi_search_internal_get_entry(sdn, NULL, &target_entry,
|
|
|
5873fa |
- plugin_id);
|
|
|
5873fa |
+ ldrc = slapi_search_get_entry(&entry_pb, sdn, NULL, &target_entry, plugin_id);
|
|
|
5873fa |
|
|
|
5873fa |
/* There was a problem retrieving the entry */
|
|
|
5873fa |
if (ldrc != LDAP_SUCCESS) {
|
|
|
5873fa |
@@ -275,7 +275,7 @@ done:
|
|
|
5873fa |
slapi_send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL, NULL, 0, NULL);
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
- slapi_entry_free(target_entry);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
free_acctpolicy(&policy);
|
|
|
5873fa |
|
|
|
5873fa |
@@ -293,6 +293,7 @@ done:
|
|
|
5873fa |
int
|
|
|
5873fa |
acct_bind_postop(Slapi_PBlock *pb)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
char *dn = NULL;
|
|
|
5873fa |
int ldrc, tracklogin = 0;
|
|
|
5873fa |
int rc = 0; /* Optimistic default */
|
|
|
5873fa |
@@ -327,8 +328,7 @@ acct_bind_postop(Slapi_PBlock *pb)
|
|
|
5873fa |
covered by an account policy to decide whether we should track */
|
|
|
5873fa |
if (tracklogin == 0) {
|
|
|
5873fa |
sdn = slapi_sdn_new_normdn_byref(dn);
|
|
|
5873fa |
- ldrc = slapi_search_internal_get_entry(sdn, NULL, &target_entry,
|
|
|
5873fa |
- plugin_id);
|
|
|
5873fa |
+ ldrc = slapi_search_get_entry(&entry_pb, sdn, NULL, &target_entry, plugin_id);
|
|
|
5873fa |
|
|
|
5873fa |
if (ldrc != LDAP_SUCCESS) {
|
|
|
5873fa |
slapi_log_err(SLAPI_LOG_ERR, POST_PLUGIN_NAME,
|
|
|
5873fa |
@@ -355,7 +355,7 @@ done:
|
|
|
5873fa |
slapi_send_ldap_result(pb, LDAP_UNWILLING_TO_PERFORM, NULL, NULL, 0, NULL);
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
- slapi_entry_free(target_entry);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
slapi_sdn_free(&sdn;;
|
|
|
5873fa |
|
|
|
5873fa |
@@ -370,11 +370,11 @@ done:
|
|
|
5873fa |
static int
|
|
|
5873fa |
acct_pre_op(Slapi_PBlock *pb, int modop)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
Slapi_DN *sdn = 0;
|
|
|
5873fa |
Slapi_Entry *e = 0;
|
|
|
5873fa |
Slapi_Mods *smods = 0;
|
|
|
5873fa |
LDAPMod **mods;
|
|
|
5873fa |
- int free_entry = 0;
|
|
|
5873fa |
char *errstr = NULL;
|
|
|
5873fa |
int ret = SLAPI_PLUGIN_SUCCESS;
|
|
|
5873fa |
|
|
|
5873fa |
@@ -384,28 +384,25 @@ acct_pre_op(Slapi_PBlock *pb, int modop)
|
|
|
5873fa |
|
|
|
5873fa |
if (acct_policy_dn_is_config(sdn)) {
|
|
|
5873fa |
/* Validate config changes, but don't apply them.
|
|
|
5873fa |
- * This allows us to reject invalid config changes
|
|
|
5873fa |
- * here at the pre-op stage. Applying the config
|
|
|
5873fa |
- * needs to be done at the post-op stage. */
|
|
|
5873fa |
+ * This allows us to reject invalid config changes
|
|
|
5873fa |
+ * here at the pre-op stage. Applying the config
|
|
|
5873fa |
+ * needs to be done at the post-op stage. */
|
|
|
5873fa |
|
|
|
5873fa |
if (LDAP_CHANGETYPE_ADD == modop) {
|
|
|
5873fa |
slapi_pblock_get(pb, SLAPI_ADD_ENTRY, &e);
|
|
|
5873fa |
|
|
|
5873fa |
- /* If the entry doesn't exist, just bail and
|
|
|
5873fa |
- * let the server handle it. */
|
|
|
5873fa |
+ /* If the entry doesn't exist, just bail and let the server handle it. */
|
|
|
5873fa |
if (e == NULL) {
|
|
|
5873fa |
goto bail;
|
|
|
5873fa |
}
|
|
|
5873fa |
} else if (LDAP_CHANGETYPE_MODIFY == modop) {
|
|
|
5873fa |
/* Fetch the entry being modified so we can
|
|
|
5873fa |
- * create the resulting entry for validation. */
|
|
|
5873fa |
+ * create the resulting entry for validation. */
|
|
|
5873fa |
if (sdn) {
|
|
|
5873fa |
- slapi_search_internal_get_entry(sdn, 0, &e, get_identity());
|
|
|
5873fa |
- free_entry = 1;
|
|
|
5873fa |
+ slapi_search_get_entry(&entry_pb, sdn, 0, &e, get_identity());
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
- /* If the entry doesn't exist, just bail and
|
|
|
5873fa |
- * let the server handle it. */
|
|
|
5873fa |
+ /* If the entry doesn't exist, just bail and let the server handle it. */
|
|
|
5873fa |
if (e == NULL) {
|
|
|
5873fa |
goto bail;
|
|
|
5873fa |
}
|
|
|
5873fa |
@@ -418,7 +415,7 @@ acct_pre_op(Slapi_PBlock *pb, int modop)
|
|
|
5873fa |
/* Apply the mods to create the resulting entry. */
|
|
|
5873fa |
if (mods && (slapi_entry_apply_mods(e, mods) != LDAP_SUCCESS)) {
|
|
|
5873fa |
/* The mods don't apply cleanly, so we just let this op go
|
|
|
5873fa |
- * to let the main server handle it. */
|
|
|
5873fa |
+ * to let the main server handle it. */
|
|
|
5873fa |
goto bailmod;
|
|
|
5873fa |
}
|
|
|
5873fa |
} else if (modop == LDAP_CHANGETYPE_DELETE) {
|
|
|
5873fa |
@@ -439,8 +436,7 @@ bailmod:
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
bail:
|
|
|
5873fa |
- if (free_entry && e)
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
if (ret) {
|
|
|
5873fa |
slapi_log_err(SLAPI_LOG_PLUGIN, PRE_PLUGIN_NAME,
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/acctpolicy/acct_util.c b/ldap/servers/plugins/acctpolicy/acct_util.c
|
|
|
5873fa |
index f25a3202d..f432092fe 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/acctpolicy/acct_util.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/acctpolicy/acct_util.c
|
|
|
5873fa |
@@ -85,6 +85,7 @@ get_attr_string_val(Slapi_Entry *target_entry, char *attr_name)
|
|
|
5873fa |
int
|
|
|
5873fa |
get_acctpolicy(Slapi_PBlock *pb __attribute__((unused)), Slapi_Entry *target_entry, void *plugin_id, acctPolicy **policy)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
Slapi_DN *sdn = NULL;
|
|
|
5873fa |
Slapi_Entry *policy_entry = NULL;
|
|
|
5873fa |
Slapi_Attr *attr;
|
|
|
5873fa |
@@ -123,8 +124,7 @@ get_acctpolicy(Slapi_PBlock *pb __attribute__((unused)), Slapi_Entry *target_ent
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
sdn = slapi_sdn_new_dn_byref(policy_dn);
|
|
|
5873fa |
- ldrc = slapi_search_internal_get_entry(sdn, NULL, &policy_entry,
|
|
|
5873fa |
- plugin_id);
|
|
|
5873fa |
+ ldrc = slapi_search_get_entry(&entry_pb, sdn, NULL, &policy_entry, plugin_id);
|
|
|
5873fa |
slapi_sdn_free(&sdn;;
|
|
|
5873fa |
|
|
|
5873fa |
/* There should be a policy but it can't be retrieved; fatal error */
|
|
|
5873fa |
@@ -160,7 +160,7 @@ dopolicy:
|
|
|
5873fa |
done:
|
|
|
5873fa |
config_unlock();
|
|
|
5873fa |
slapi_ch_free_string(&policy_dn);
|
|
|
5873fa |
- slapi_entry_free(policy_entry);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
return (rc);
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/automember/automember.c b/ldap/servers/plugins/automember/automember.c
|
|
|
5873fa |
index 7c875c852..39350ad53 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/automember/automember.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/automember/automember.c
|
|
|
5873fa |
@@ -1629,13 +1629,12 @@ automember_update_member_value(Slapi_Entry *member_e, const char *group_dn, char
|
|
|
5873fa |
char *member_value = NULL;
|
|
|
5873fa |
int rc = 0;
|
|
|
5873fa |
Slapi_DN *group_sdn;
|
|
|
5873fa |
- Slapi_Entry *group_entry = NULL;
|
|
|
5873fa |
|
|
|
5873fa |
/* First thing check that the group still exists */
|
|
|
5873fa |
group_sdn = slapi_sdn_new_dn_byval(group_dn);
|
|
|
5873fa |
- rc = slapi_search_internal_get_entry(group_sdn, NULL, &group_entry, automember_get_plugin_id());
|
|
|
5873fa |
+ rc = slapi_search_internal_get_entry(group_sdn, NULL, NULL, automember_get_plugin_id());
|
|
|
5873fa |
slapi_sdn_free(&group_sdn);
|
|
|
5873fa |
- if (rc != LDAP_SUCCESS || group_entry == NULL) {
|
|
|
5873fa |
+ if (rc != LDAP_SUCCESS) {
|
|
|
5873fa |
if (rc == LDAP_NO_SUCH_OBJECT) {
|
|
|
5873fa |
/* the automember group (default or target) does not exist, just skip this definition */
|
|
|
5873fa |
slapi_log_err(SLAPI_LOG_INFO, AUTOMEMBER_PLUGIN_SUBSYSTEM,
|
|
|
5873fa |
@@ -1647,10 +1646,8 @@ automember_update_member_value(Slapi_Entry *member_e, const char *group_dn, char
|
|
|
5873fa |
"automember_update_member_value - group (default or target) can not be retrieved (%s) err=%d\n",
|
|
|
5873fa |
group_dn, rc);
|
|
|
5873fa |
}
|
|
|
5873fa |
- slapi_entry_free(group_entry);
|
|
|
5873fa |
return rc;
|
|
|
5873fa |
}
|
|
|
5873fa |
- slapi_entry_free(group_entry);
|
|
|
5873fa |
|
|
|
5873fa |
/* If grouping_value is dn, we need to fetch the dn instead. */
|
|
|
5873fa |
if (slapi_attr_type_cmp(grouping_value, "dn", SLAPI_TYPE_CMP_EXACT) == 0) {
|
|
|
5873fa |
@@ -1752,11 +1749,11 @@ out:
|
|
|
5873fa |
static int
|
|
|
5873fa |
automember_pre_op(Slapi_PBlock *pb, int modop)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
Slapi_DN *sdn = 0;
|
|
|
5873fa |
Slapi_Entry *e = 0;
|
|
|
5873fa |
Slapi_Mods *smods = 0;
|
|
|
5873fa |
LDAPMod **mods;
|
|
|
5873fa |
- int free_entry = 0;
|
|
|
5873fa |
char *errstr = NULL;
|
|
|
5873fa |
int ret = SLAPI_PLUGIN_SUCCESS;
|
|
|
5873fa |
|
|
|
5873fa |
@@ -1784,8 +1781,7 @@ automember_pre_op(Slapi_PBlock *pb, int modop)
|
|
|
5873fa |
/* Fetch the entry being modified so we can
|
|
|
5873fa |
* create the resulting entry for validation. */
|
|
|
5873fa |
if (sdn) {
|
|
|
5873fa |
- slapi_search_internal_get_entry(sdn, 0, &e, automember_get_plugin_id());
|
|
|
5873fa |
- free_entry = 1;
|
|
|
5873fa |
+ slapi_search_get_entry(&entry_pb, sdn, 0, &e, automember_get_plugin_id());
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
/* If the entry doesn't exist, just bail and
|
|
|
5873fa |
@@ -1799,7 +1795,7 @@ automember_pre_op(Slapi_PBlock *pb, int modop)
|
|
|
5873fa |
smods = slapi_mods_new();
|
|
|
5873fa |
slapi_mods_init_byref(smods, mods);
|
|
|
5873fa |
|
|
|
5873fa |
- /* Apply the mods to create the resulting entry. */
|
|
|
5873fa |
+ /* Apply the mods to create the resulting entry. */
|
|
|
5873fa |
if (mods && (slapi_entry_apply_mods(e, mods) != LDAP_SUCCESS)) {
|
|
|
5873fa |
/* The mods don't apply cleanly, so we just let this op go
|
|
|
5873fa |
* to let the main server handle it. */
|
|
|
5873fa |
@@ -1831,8 +1827,7 @@ bailmod:
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
bail:
|
|
|
5873fa |
- if (free_entry && e)
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
if (ret) {
|
|
|
5873fa |
slapi_log_err(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c
|
|
|
5873fa |
index 1ee271359..16c625bb0 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/dna/dna.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/dna/dna.c
|
|
|
5873fa |
@@ -1178,7 +1178,6 @@ dna_parse_config_entry(Slapi_PBlock *pb, Slapi_Entry *e, int apply)
|
|
|
5873fa |
|
|
|
5873fa |
value = slapi_entry_attr_get_charptr(e, DNA_SHARED_CFG_DN);
|
|
|
5873fa |
if (value) {
|
|
|
5873fa |
- Slapi_Entry *shared_e = NULL;
|
|
|
5873fa |
Slapi_DN *sdn = NULL;
|
|
|
5873fa |
char *normdn = NULL;
|
|
|
5873fa |
char *attrs[2];
|
|
|
5873fa |
@@ -1197,10 +1196,8 @@ dna_parse_config_entry(Slapi_PBlock *pb, Slapi_Entry *e, int apply)
|
|
|
5873fa |
/* We don't need attributes */
|
|
|
5873fa |
attrs[0] = "cn";
|
|
|
5873fa |
attrs[1] = NULL;
|
|
|
5873fa |
- slapi_search_internal_get_entry(sdn, attrs, &shared_e, getPluginID());
|
|
|
5873fa |
-
|
|
|
5873fa |
/* Make sure that the shared config entry exists. */
|
|
|
5873fa |
- if (!shared_e) {
|
|
|
5873fa |
+ if(slapi_search_internal_get_entry(sdn, attrs, NULL, getPluginID()) != LDAP_SUCCESS) {
|
|
|
5873fa |
/* We didn't locate the shared config container entry. Log
|
|
|
5873fa |
* a message and skip this config entry. */
|
|
|
5873fa |
slapi_log_err(SLAPI_LOG_ERR, DNA_PLUGIN_SUBSYSTEM,
|
|
|
5873fa |
@@ -1210,9 +1207,6 @@ dna_parse_config_entry(Slapi_PBlock *pb, Slapi_Entry *e, int apply)
|
|
|
5873fa |
ret = DNA_FAILURE;
|
|
|
5873fa |
slapi_sdn_free(&sdn;;
|
|
|
5873fa |
goto bail;
|
|
|
5873fa |
- } else {
|
|
|
5873fa |
- slapi_entry_free(shared_e);
|
|
|
5873fa |
- shared_e = NULL;
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
normdn = (char *)slapi_sdn_get_dn(sdn);
|
|
|
5873fa |
@@ -1539,6 +1533,7 @@ dna_delete_shared_servers(PRCList **servers)
|
|
|
5873fa |
static int
|
|
|
5873fa |
dna_load_host_port(void)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *pb = NULL;
|
|
|
5873fa |
int status = DNA_SUCCESS;
|
|
|
5873fa |
Slapi_Entry *e = NULL;
|
|
|
5873fa |
Slapi_DN *config_dn = NULL;
|
|
|
5873fa |
@@ -1554,7 +1549,7 @@ dna_load_host_port(void)
|
|
|
5873fa |
|
|
|
5873fa |
config_dn = slapi_sdn_new_ndn_byref("cn=config");
|
|
|
5873fa |
if (config_dn) {
|
|
|
5873fa |
- slapi_search_internal_get_entry(config_dn, attrs, &e, getPluginID());
|
|
|
5873fa |
+ slapi_search_get_entry(&pb, config_dn, attrs, &e, getPluginID());
|
|
|
5873fa |
slapi_sdn_free(&config_dn);
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
@@ -1562,8 +1557,8 @@ dna_load_host_port(void)
|
|
|
5873fa |
hostname = slapi_entry_attr_get_charptr(e, "nsslapd-localhost");
|
|
|
5873fa |
portnum = slapi_entry_attr_get_charptr(e, "nsslapd-port");
|
|
|
5873fa |
secureportnum = slapi_entry_attr_get_charptr(e, "nsslapd-secureport");
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
}
|
|
|
5873fa |
+ slapi_search_get_entry_done(&pb;;
|
|
|
5873fa |
|
|
|
5873fa |
if (!hostname || !portnum) {
|
|
|
5873fa |
status = DNA_FAILURE;
|
|
|
5873fa |
@@ -2876,6 +2871,7 @@ bail:
|
|
|
5873fa |
static int
|
|
|
5873fa |
dna_is_replica_bind_dn(char *range_dn, char *bind_dn)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
char *replica_dn = NULL;
|
|
|
5873fa |
Slapi_DN *replica_sdn = NULL;
|
|
|
5873fa |
Slapi_DN *range_sdn = NULL;
|
|
|
5873fa |
@@ -2912,8 +2908,7 @@ dna_is_replica_bind_dn(char *range_dn, char *bind_dn)
|
|
|
5873fa |
attrs[2] = 0;
|
|
|
5873fa |
|
|
|
5873fa |
/* Find cn=replica entry via search */
|
|
|
5873fa |
- slapi_search_internal_get_entry(replica_sdn, attrs, &e, getPluginID());
|
|
|
5873fa |
-
|
|
|
5873fa |
+ slapi_search_get_entry(&entry_pb, replica_sdn, attrs, &e, getPluginID());
|
|
|
5873fa |
if (e) {
|
|
|
5873fa |
/* Check if the passed in bind dn matches any of the replica bind dns. */
|
|
|
5873fa |
Slapi_Value *bind_dn_sv = slapi_value_new_string(bind_dn);
|
|
|
5873fa |
@@ -2927,6 +2922,7 @@ dna_is_replica_bind_dn(char *range_dn, char *bind_dn)
|
|
|
5873fa |
attrs[0] = "member";
|
|
|
5873fa |
attrs[1] = "uniquemember";
|
|
|
5873fa |
attrs[2] = 0;
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
for (i = 0; bind_group_dn != NULL && bind_group_dn[i] != NULL; i++) {
|
|
|
5873fa |
if (ret) {
|
|
|
5873fa |
/* already found a member, just free group */
|
|
|
5873fa |
@@ -2934,14 +2930,14 @@ dna_is_replica_bind_dn(char *range_dn, char *bind_dn)
|
|
|
5873fa |
continue;
|
|
|
5873fa |
}
|
|
|
5873fa |
bind_group_sdn = slapi_sdn_new_normdn_passin(bind_group_dn[i]);
|
|
|
5873fa |
- slapi_search_internal_get_entry(bind_group_sdn, attrs, &bind_group_entry, getPluginID());
|
|
|
5873fa |
+ slapi_search_get_entry(&entry_pb, bind_group_sdn, attrs, &bind_group_entry, getPluginID());
|
|
|
5873fa |
if (bind_group_entry) {
|
|
|
5873fa |
ret = slapi_entry_attr_has_syntax_value(bind_group_entry, "member", bind_dn_sv);
|
|
|
5873fa |
if (ret == 0) {
|
|
|
5873fa |
ret = slapi_entry_attr_has_syntax_value(bind_group_entry, "uniquemember", bind_dn_sv);
|
|
|
5873fa |
}
|
|
|
5873fa |
}
|
|
|
5873fa |
- slapi_entry_free(bind_group_entry);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
slapi_sdn_free(&bind_group_sdn);
|
|
|
5873fa |
}
|
|
|
5873fa |
slapi_ch_free((void **)&bind_group_dn);
|
|
|
5873fa |
@@ -2956,7 +2952,6 @@ dna_is_replica_bind_dn(char *range_dn, char *bind_dn)
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
done:
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
slapi_sdn_free(&range_sdn);
|
|
|
5873fa |
slapi_sdn_free(&replica_sdn);
|
|
|
5873fa |
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
|
|
|
5873fa |
index 40bd4b380..e9e1ec4c7 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/memberof/memberof.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/memberof/memberof.c
|
|
|
5873fa |
@@ -884,7 +884,7 @@ memberof_postop_modrdn(Slapi_PBlock *pb)
|
|
|
5873fa |
pre_sdn = slapi_entry_get_sdn(pre_e);
|
|
|
5873fa |
post_sdn = slapi_entry_get_sdn(post_e);
|
|
|
5873fa |
}
|
|
|
5873fa |
-
|
|
|
5873fa |
+
|
|
|
5873fa |
if (pre_sdn && post_sdn && slapi_sdn_compare(pre_sdn, post_sdn) == 0) {
|
|
|
5873fa |
/* Regarding memberof plugin, this rename is a no-op
|
|
|
5873fa |
* but it can be expensive to process it. So skip it
|
|
|
5873fa |
@@ -1466,6 +1466,7 @@ memberof_modop_one_r(Slapi_PBlock *pb, MemberOfConfig *config, int mod_op, Slapi
|
|
|
5873fa |
int
|
|
|
5873fa |
memberof_modop_one_replace_r(Slapi_PBlock *pb, MemberOfConfig *config, int mod_op, Slapi_DN *group_sdn, Slapi_DN *op_this_sdn, Slapi_DN *replace_with_sdn, Slapi_DN *op_to_sdn, memberofstringll *stack)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
int rc = 0;
|
|
|
5873fa |
LDAPMod mod;
|
|
|
5873fa |
LDAPMod replace_mod;
|
|
|
5873fa |
@@ -1515,8 +1516,7 @@ memberof_modop_one_replace_r(Slapi_PBlock *pb, MemberOfConfig *config, int mod_o
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
/* determine if this is a group op or single entry */
|
|
|
5873fa |
- slapi_search_internal_get_entry(op_to_sdn, config->groupattrs,
|
|
|
5873fa |
- &e, memberof_get_plugin_id());
|
|
|
5873fa |
+ slapi_search_get_entry(&entry_pb, op_to_sdn, config->groupattrs, &e, memberof_get_plugin_id());
|
|
|
5873fa |
if (!e) {
|
|
|
5873fa |
/* In the case of a delete, we need to worry about the
|
|
|
5873fa |
* missing entry being a nested group. There's a small
|
|
|
5873fa |
@@ -1751,7 +1751,7 @@ memberof_modop_one_replace_r(Slapi_PBlock *pb, MemberOfConfig *config, int mod_o
|
|
|
5873fa |
bail:
|
|
|
5873fa |
slapi_value_free(&to_dn_val);
|
|
|
5873fa |
slapi_value_free(&this_dn_val);
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
return rc;
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
@@ -2368,6 +2368,7 @@ bail:
|
|
|
5873fa |
int
|
|
|
5873fa |
memberof_is_direct_member(MemberOfConfig *config, Slapi_Value *groupdn, Slapi_Value *memberdn)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *pb = NULL;
|
|
|
5873fa |
int rc = 0;
|
|
|
5873fa |
Slapi_DN *sdn = 0;
|
|
|
5873fa |
Slapi_Entry *group_e = 0;
|
|
|
5873fa |
@@ -2376,8 +2377,8 @@ memberof_is_direct_member(MemberOfConfig *config, Slapi_Value *groupdn, Slapi_Va
|
|
|
5873fa |
|
|
|
5873fa |
sdn = slapi_sdn_new_normdn_byref(slapi_value_get_string(groupdn));
|
|
|
5873fa |
|
|
|
5873fa |
- slapi_search_internal_get_entry(sdn, config->groupattrs,
|
|
|
5873fa |
- &group_e, memberof_get_plugin_id());
|
|
|
5873fa |
+ slapi_search_get_entry(&pb, sdn, config->groupattrs,
|
|
|
5873fa |
+ &group_e, memberof_get_plugin_id());
|
|
|
5873fa |
|
|
|
5873fa |
if (group_e) {
|
|
|
5873fa |
/* See if memberdn is referred to by any of the group attributes. */
|
|
|
5873fa |
@@ -2388,9 +2389,8 @@ memberof_is_direct_member(MemberOfConfig *config, Slapi_Value *groupdn, Slapi_Va
|
|
|
5873fa |
break;
|
|
|
5873fa |
}
|
|
|
5873fa |
}
|
|
|
5873fa |
-
|
|
|
5873fa |
- slapi_entry_free(group_e);
|
|
|
5873fa |
}
|
|
|
5873fa |
+ slapi_search_get_entry_done(&pb;;
|
|
|
5873fa |
|
|
|
5873fa |
slapi_sdn_free(&sdn;;
|
|
|
5873fa |
return rc;
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptconfig.c b/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
|
|
|
5873fa |
index 46a76d884..cbec2ec40 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/pam_passthru/pam_ptconfig.c
|
|
|
5873fa |
@@ -749,22 +749,22 @@ pam_passthru_get_config(Slapi_DN *bind_sdn)
|
|
|
5873fa |
if (pam_passthru_check_suffix(cfg, bind_sdn) == LDAP_SUCCESS) {
|
|
|
5873fa |
if (cfg->slapi_filter) {
|
|
|
5873fa |
/* A filter is configured, so see if the bind entry is a match. */
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
Slapi_Entry *test_e = NULL;
|
|
|
5873fa |
|
|
|
5873fa |
/* Fetch the bind entry */
|
|
|
5873fa |
- slapi_search_internal_get_entry(bind_sdn, NULL, &test_e,
|
|
|
5873fa |
- pam_passthruauth_get_plugin_identity());
|
|
|
5873fa |
+ slapi_search_get_entry(&entry_pb, bind_sdn, NULL, &test_e,
|
|
|
5873fa |
+ pam_passthruauth_get_plugin_identity());
|
|
|
5873fa |
|
|
|
5873fa |
/* If the entry doesn't exist, just fall through to the main server code */
|
|
|
5873fa |
if (test_e) {
|
|
|
5873fa |
/* Evaluate the filter. */
|
|
|
5873fa |
if (LDAP_SUCCESS == slapi_filter_test_simple(test_e, cfg->slapi_filter)) {
|
|
|
5873fa |
/* This is a match. */
|
|
|
5873fa |
- slapi_entry_free(test_e);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
goto done;
|
|
|
5873fa |
}
|
|
|
5873fa |
-
|
|
|
5873fa |
- slapi_entry_free(test_e);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
}
|
|
|
5873fa |
} else {
|
|
|
5873fa |
/* There is no filter to check, so this is a match. */
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptimpl.c b/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
|
|
|
5873fa |
index 7f5fb02c4..5b43f8d1f 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/pam_passthru/pam_ptimpl.c
|
|
|
5873fa |
@@ -81,11 +81,12 @@ derive_from_bind_dn(Slapi_PBlock *pb __attribute__((unused)), const Slapi_DN *bi
|
|
|
5873fa |
static char *
|
|
|
5873fa |
derive_from_bind_entry(Slapi_PBlock *pb, const Slapi_DN *bindsdn, MyStrBuf *pam_id, char *map_ident_attr, int *locked)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
Slapi_Entry *entry = NULL;
|
|
|
5873fa |
char *attrs[] = {NULL, NULL};
|
|
|
5873fa |
attrs[0] = map_ident_attr;
|
|
|
5873fa |
- int rc = slapi_search_internal_get_entry((Slapi_DN *)bindsdn, attrs, &entry,
|
|
|
5873fa |
- pam_passthruauth_get_plugin_identity());
|
|
|
5873fa |
+ int32_t rc = slapi_search_get_entry(&entry_pb, (Slapi_DN *)bindsdn, attrs, &entry,
|
|
|
5873fa |
+ pam_passthruauth_get_plugin_identity());
|
|
|
5873fa |
|
|
|
5873fa |
if (rc != LDAP_SUCCESS) {
|
|
|
5873fa |
slapi_log_err(SLAPI_LOG_ERR, PAM_PASSTHRU_PLUGIN_SUBSYSTEM,
|
|
|
5873fa |
@@ -108,7 +109,7 @@ derive_from_bind_entry(Slapi_PBlock *pb, const Slapi_DN *bindsdn, MyStrBuf *pam_
|
|
|
5873fa |
init_my_str_buf(pam_id, val);
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
- slapi_entry_free(entry);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
return pam_id->str;
|
|
|
5873fa |
}
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/pam_passthru/pam_ptpreop.c b/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
|
|
|
5873fa |
index 3d0067531..5bca823ff 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/pam_passthru/pam_ptpreop.c
|
|
|
5873fa |
@@ -526,6 +526,7 @@ done:
|
|
|
5873fa |
static int
|
|
|
5873fa |
pam_passthru_preop(Slapi_PBlock *pb, int modtype)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
Slapi_DN *sdn = NULL;
|
|
|
5873fa |
Slapi_Entry *e = NULL;
|
|
|
5873fa |
LDAPMod **mods;
|
|
|
5873fa |
@@ -555,8 +556,8 @@ pam_passthru_preop(Slapi_PBlock *pb, int modtype)
|
|
|
5873fa |
case LDAP_CHANGETYPE_MODIFY:
|
|
|
5873fa |
/* Fetch the entry being modified so we can
|
|
|
5873fa |
* create the resulting entry for validation. */
|
|
|
5873fa |
- slapi_search_internal_get_entry(sdn, 0, &e,
|
|
|
5873fa |
- pam_passthruauth_get_plugin_identity());
|
|
|
5873fa |
+ slapi_search_get_entry(&entry_pb, sdn, 0, &e,
|
|
|
5873fa |
+ pam_passthruauth_get_plugin_identity());
|
|
|
5873fa |
|
|
|
5873fa |
/* If the entry doesn't exist, just bail and
|
|
|
5873fa |
* let the server handle it. */
|
|
|
5873fa |
@@ -576,9 +577,6 @@ pam_passthru_preop(Slapi_PBlock *pb, int modtype)
|
|
|
5873fa |
/* Don't bail here, as we need to free the entry. */
|
|
|
5873fa |
}
|
|
|
5873fa |
}
|
|
|
5873fa |
-
|
|
|
5873fa |
- /* Free the entry. */
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
break;
|
|
|
5873fa |
case LDAP_CHANGETYPE_DELETE:
|
|
|
5873fa |
case LDAP_CHANGETYPE_MODDN:
|
|
|
5873fa |
@@ -591,6 +589,7 @@ pam_passthru_preop(Slapi_PBlock *pb, int modtype)
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
bail:
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
/* If we are refusing the operation, return the result to the client. */
|
|
|
5873fa |
if (ret) {
|
|
|
5873fa |
slapi_send_ldap_result(pb, ret, NULL, returntext, 0, NULL);
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/replication/repl5_tot_protocol.c b/ldap/servers/plugins/replication/repl5_tot_protocol.c
|
|
|
5873fa |
index 3b65d6b20..a25839f21 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/replication/repl5_tot_protocol.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/replication/repl5_tot_protocol.c
|
|
|
5873fa |
@@ -469,7 +469,8 @@ retry:
|
|
|
5873fa |
*/
|
|
|
5873fa |
/* Get suffix */
|
|
|
5873fa |
Slapi_Entry *suffix = NULL;
|
|
|
5873fa |
- rc = slapi_search_internal_get_entry(area_sdn, NULL, &suffix, repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION));
|
|
|
5873fa |
+ Slapi_PBlock *suffix_pb = NULL;
|
|
|
5873fa |
+ rc = slapi_search_get_entry(&suffix_pb, area_sdn, NULL, &suffix, repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION));
|
|
|
5873fa |
if (rc) {
|
|
|
5873fa |
slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name, "repl5_tot_run - Unable to "
|
|
|
5873fa |
"get the suffix entry \"%s\".\n",
|
|
|
5873fa |
@@ -517,7 +518,7 @@ retry:
|
|
|
5873fa |
LDAP_SCOPE_SUBTREE, "(parentid>=1)", NULL, 0, ctrls, NULL,
|
|
|
5873fa |
repl_get_plugin_identity(PLUGIN_MULTIMASTER_REPLICATION), OP_FLAG_BULK_IMPORT);
|
|
|
5873fa |
cb_data.num_entries = 0UL;
|
|
|
5873fa |
- slapi_entry_free(suffix);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&suffix_pb);
|
|
|
5873fa |
} else {
|
|
|
5873fa |
/* Original total update */
|
|
|
5873fa |
/* we need to provide managedsait control so that referral entries can
|
|
|
5873fa |
diff --git a/ldap/servers/plugins/uiduniq/uid.c b/ldap/servers/plugins/uiduniq/uid.c
|
|
|
5873fa |
index d7ccf0e07..e69012204 100644
|
|
|
5873fa |
--- a/ldap/servers/plugins/uiduniq/uid.c
|
|
|
5873fa |
+++ b/ldap/servers/plugins/uiduniq/uid.c
|
|
|
5873fa |
@@ -1254,6 +1254,7 @@ preop_modify(Slapi_PBlock *pb)
|
|
|
5873fa |
static int
|
|
|
5873fa |
preop_modrdn(Slapi_PBlock *pb)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
int result = LDAP_SUCCESS;
|
|
|
5873fa |
Slapi_Entry *e = NULL;
|
|
|
5873fa |
Slapi_Value *sv_requiredObjectClass = NULL;
|
|
|
5873fa |
@@ -1351,7 +1352,7 @@ preop_modrdn(Slapi_PBlock *pb)
|
|
|
5873fa |
|
|
|
5873fa |
/* Get the entry that is being renamed so we can make a dummy copy
|
|
|
5873fa |
* of what it will look like after the rename. */
|
|
|
5873fa |
- err = slapi_search_internal_get_entry(sdn, NULL, &e, plugin_identity);
|
|
|
5873fa |
+ err = slapi_search_get_entry(&entry_pb, sdn, NULL, &e, plugin_identity);
|
|
|
5873fa |
if (err != LDAP_SUCCESS) {
|
|
|
5873fa |
result = uid_op_error(35);
|
|
|
5873fa |
/* We want to return a no such object error if the target doesn't exist. */
|
|
|
5873fa |
@@ -1371,24 +1372,24 @@ preop_modrdn(Slapi_PBlock *pb)
|
|
|
5873fa |
|
|
|
5873fa |
|
|
|
5873fa |
/*
|
|
|
5873fa |
- * Check if it has the required object class
|
|
|
5873fa |
- */
|
|
|
5873fa |
+ * Check if it has the required object class
|
|
|
5873fa |
+ */
|
|
|
5873fa |
if (requiredObjectClass &&
|
|
|
5873fa |
!slapi_entry_attr_has_syntax_value(e, SLAPI_ATTR_OBJECTCLASS, sv_requiredObjectClass)) {
|
|
|
5873fa |
break;
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
/*
|
|
|
5873fa |
- * Find any unique attribute data in the new RDN
|
|
|
5873fa |
- */
|
|
|
5873fa |
+ * Find any unique attribute data in the new RDN
|
|
|
5873fa |
+ */
|
|
|
5873fa |
for (i = 0; attrNames && attrNames[i]; i++) {
|
|
|
5873fa |
err = slapi_entry_attr_find(e, attrNames[i], &attr);
|
|
|
5873fa |
if (!err) {
|
|
|
5873fa |
/*
|
|
|
5873fa |
- * Passed all the requirements - this is an operation we
|
|
|
5873fa |
- * need to enforce uniqueness on. Now find all parent entries
|
|
|
5873fa |
- * with the marker object class, and do a search for each one.
|
|
|
5873fa |
- */
|
|
|
5873fa |
+ * Passed all the requirements - this is an operation we
|
|
|
5873fa |
+ * need to enforce uniqueness on. Now find all parent entries
|
|
|
5873fa |
+ * with the marker object class, and do a search for each one.
|
|
|
5873fa |
+ */
|
|
|
5873fa |
if (NULL != markerObjectClass) {
|
|
|
5873fa |
/* Subtree defined by location of marker object class */
|
|
|
5873fa |
result = findSubtreeAndSearch(slapi_entry_get_sdn(e), attrNames, attr, NULL,
|
|
|
5873fa |
@@ -1407,8 +1408,8 @@ preop_modrdn(Slapi_PBlock *pb)
|
|
|
5873fa |
END
|
|
|
5873fa |
/* Clean-up */
|
|
|
5873fa |
slapi_value_free(&sv_requiredObjectClass);
|
|
|
5873fa |
- if (e)
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
+
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
if (result) {
|
|
|
5873fa |
slapi_log_err(SLAPI_LOG_PLUGIN, plugin_name,
|
|
|
5873fa |
diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c
|
|
|
5873fa |
index 65f23363a..a70f40316 100644
|
|
|
5873fa |
--- a/ldap/servers/slapd/daemon.c
|
|
|
5873fa |
+++ b/ldap/servers/slapd/daemon.c
|
|
|
5873fa |
@@ -1916,18 +1916,13 @@ slapd_bind_local_user(Connection *conn)
|
|
|
5873fa |
char *root_dn = config_get_ldapi_root_dn();
|
|
|
5873fa |
|
|
|
5873fa |
if (root_dn) {
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
Slapi_DN *edn = slapi_sdn_new_dn_byref(
|
|
|
5873fa |
slapi_dn_normalize(root_dn));
|
|
|
5873fa |
Slapi_Entry *e = 0;
|
|
|
5873fa |
|
|
|
5873fa |
/* root might be locked too! :) */
|
|
|
5873fa |
- ret = slapi_search_internal_get_entry(
|
|
|
5873fa |
- edn, 0,
|
|
|
5873fa |
- &e,
|
|
|
5873fa |
- (void *)plugin_get_default_component_id()
|
|
|
5873fa |
-
|
|
|
5873fa |
- );
|
|
|
5873fa |
-
|
|
|
5873fa |
+ ret = slapi_search_get_entry(&entry_pb, edn, 0, &e, (void *)plugin_get_default_component_id());
|
|
|
5873fa |
if (0 == ret && e) {
|
|
|
5873fa |
ret = slapi_check_account_lock(
|
|
|
5873fa |
0, /* pb not req */
|
|
|
5873fa |
@@ -1955,7 +1950,7 @@ slapd_bind_local_user(Connection *conn)
|
|
|
5873fa |
root_map_free:
|
|
|
5873fa |
/* root_dn consumed by bind creds set */
|
|
|
5873fa |
slapi_sdn_free(&edn;;
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
ret = 0;
|
|
|
5873fa |
}
|
|
|
5873fa |
}
|
|
|
5873fa |
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
|
|
|
5873fa |
index bbc0ab71a..259bedfff 100644
|
|
|
5873fa |
--- a/ldap/servers/slapd/modify.c
|
|
|
5873fa |
+++ b/ldap/servers/slapd/modify.c
|
|
|
5873fa |
@@ -592,6 +592,7 @@ modify_internal_pb(Slapi_PBlock *pb)
|
|
|
5873fa |
static void
|
|
|
5873fa |
op_shared_modify(Slapi_PBlock *pb, int pw_change, char *old_pw)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
Slapi_Backend *be = NULL;
|
|
|
5873fa |
Slapi_Entry *pse;
|
|
|
5873fa |
Slapi_Entry *referral;
|
|
|
5873fa |
@@ -723,7 +724,7 @@ op_shared_modify(Slapi_PBlock *pb, int pw_change, char *old_pw)
|
|
|
5873fa |
* 2. If yes, then if the mods contain any passwdpolicy specific attributes.
|
|
|
5873fa |
* 3. If yes, then it invokes corrosponding checking function.
|
|
|
5873fa |
*/
|
|
|
5873fa |
- if (!repl_op && !internal_op && normdn && (e = get_entry(pb, normdn))) {
|
|
|
5873fa |
+ if (!repl_op && !internal_op && normdn && slapi_search_get_entry(&entry_pb, sdn, NULL, &e, NULL) == LDAP_SUCCESS) {
|
|
|
5873fa |
Slapi_Value target;
|
|
|
5873fa |
slapi_value_init(&target);
|
|
|
5873fa |
slapi_value_set_string(&target, "passwordpolicy");
|
|
|
5873fa |
@@ -1072,7 +1073,7 @@ free_and_return : {
|
|
|
5873fa |
slapi_entry_free(epre);
|
|
|
5873fa |
slapi_entry_free(epost);
|
|
|
5873fa |
}
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
if (be)
|
|
|
5873fa |
slapi_be_Unlock(be);
|
|
|
5873fa |
@@ -1202,12 +1203,13 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
|
|
|
5873fa |
if (!internal_op) {
|
|
|
5873fa |
/* slapi_acl_check_mods needs an array of LDAPMods, but
|
|
|
5873fa |
* we're really only interested in the one password mod. */
|
|
|
5873fa |
+ Slapi_PBlock *entry_pb = NULL;
|
|
|
5873fa |
LDAPMod *mods[2];
|
|
|
5873fa |
mods[0] = mod;
|
|
|
5873fa |
mods[1] = NULL;
|
|
|
5873fa |
|
|
|
5873fa |
/* We need to actually fetch the target here to use for ACI checking. */
|
|
|
5873fa |
- slapi_search_internal_get_entry(&sdn, NULL, &e, (void *)plugin_get_default_component_id());
|
|
|
5873fa |
+ slapi_search_get_entry(&entry_pb, &sdn, NULL, &e, NULL);
|
|
|
5873fa |
|
|
|
5873fa |
/* Create a bogus entry with just the target dn if we were unable to
|
|
|
5873fa |
* find the actual entry. This will only be used for checking the ACIs. */
|
|
|
5873fa |
@@ -1238,9 +1240,12 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
|
|
|
5873fa |
}
|
|
|
5873fa |
send_ldap_result(pb, res, NULL, errtxt, 0, NULL);
|
|
|
5873fa |
slapi_ch_free_string(&errtxt);
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
rc = -1;
|
|
|
5873fa |
goto done;
|
|
|
5873fa |
}
|
|
|
5873fa |
+ /* done with slapi entry e */
|
|
|
5873fa |
+ slapi_search_get_entry_done(&entry_pb);
|
|
|
5873fa |
|
|
|
5873fa |
/*
|
|
|
5873fa |
* If this mod is being performed by a password administrator/rootDN,
|
|
|
5873fa |
@@ -1353,7 +1358,6 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
|
|
|
5873fa |
valuearray_free(&values);
|
|
|
5873fa |
|
|
|
5873fa |
done:
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
slapi_sdn_done(&sdn;;
|
|
|
5873fa |
slapi_ch_free_string(&proxydn);
|
|
|
5873fa |
slapi_ch_free_string(&proxystr);
|
|
|
5873fa |
diff --git a/ldap/servers/slapd/plugin_internal_op.c b/ldap/servers/slapd/plugin_internal_op.c
|
|
|
5873fa |
index 9da266b61..a140e7988 100644
|
|
|
5873fa |
--- a/ldap/servers/slapd/plugin_internal_op.c
|
|
|
5873fa |
+++ b/ldap/servers/slapd/plugin_internal_op.c
|
|
|
5873fa |
@@ -882,3 +882,51 @@ slapi_search_internal_get_entry(Slapi_DN *dn, char **attrs, Slapi_Entry **ret_en
|
|
|
5873fa |
int_search_pb = NULL;
|
|
|
5873fa |
return rc;
|
|
|
5873fa |
}
|
|
|
5873fa |
+
|
|
|
5873fa |
+int32_t
|
|
|
5873fa |
+slapi_search_get_entry(Slapi_PBlock **pb, Slapi_DN *dn, char **attrs, Slapi_Entry **ret_entry, void *component_identity)
|
|
|
5873fa |
+{
|
|
|
5873fa |
+ Slapi_Entry **entries = NULL;
|
|
|
5873fa |
+ int32_t rc = 0;
|
|
|
5873fa |
+ void *component = component_identity;
|
|
|
5873fa |
+
|
|
|
5873fa |
+ if (ret_entry) {
|
|
|
5873fa |
+ *ret_entry = NULL;
|
|
|
5873fa |
+ }
|
|
|
5873fa |
+
|
|
|
5873fa |
+ if (component == NULL) {
|
|
|
5873fa |
+ component = (void *)plugin_get_default_component_id();
|
|
|
5873fa |
+ }
|
|
|
5873fa |
+
|
|
|
5873fa |
+ if (*pb == NULL) {
|
|
|
5873fa |
+ *pb = slapi_pblock_new();
|
|
|
5873fa |
+ }
|
|
|
5873fa |
+ slapi_search_internal_set_pb(*pb, slapi_sdn_get_dn(dn), LDAP_SCOPE_BASE,
|
|
|
5873fa |
+ "(|(objectclass=*)(objectclass=ldapsubentry))",
|
|
|
5873fa |
+ attrs, 0, NULL, NULL, component, 0 );
|
|
|
5873fa |
+ slapi_search_internal_pb(*pb);
|
|
|
5873fa |
+ slapi_pblock_get(*pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
|
|
|
5873fa |
+ if (LDAP_SUCCESS == rc) {
|
|
|
5873fa |
+ slapi_pblock_get(*pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
|
|
|
5873fa |
+ if (NULL != entries && NULL != entries[0]) {
|
|
|
5873fa |
+ /* Only need to dup the entry if the caller passed ret_entry in. */
|
|
|
5873fa |
+ if (ret_entry) {
|
|
|
5873fa |
+ *ret_entry = entries[0];
|
|
|
5873fa |
+ }
|
|
|
5873fa |
+ } else {
|
|
|
5873fa |
+ rc = LDAP_NO_SUCH_OBJECT;
|
|
|
5873fa |
+ }
|
|
|
5873fa |
+ }
|
|
|
5873fa |
+
|
|
|
5873fa |
+ return rc;
|
|
|
5873fa |
+}
|
|
|
5873fa |
+
|
|
|
5873fa |
+void
|
|
|
5873fa |
+slapi_search_get_entry_done(Slapi_PBlock **pb)
|
|
|
5873fa |
+{
|
|
|
5873fa |
+ if (pb && *pb) {
|
|
|
5873fa |
+ slapi_free_search_results_internal(*pb);
|
|
|
5873fa |
+ slapi_pblock_destroy(*pb);
|
|
|
5873fa |
+ *pb = NULL;
|
|
|
5873fa |
+ }
|
|
|
5873fa |
+}
|
|
|
5873fa |
diff --git a/ldap/servers/slapd/resourcelimit.c b/ldap/servers/slapd/resourcelimit.c
|
|
|
5873fa |
index 705344c84..9c2619716 100644
|
|
|
5873fa |
--- a/ldap/servers/slapd/resourcelimit.c
|
|
|
5873fa |
+++ b/ldap/servers/slapd/resourcelimit.c
|
|
|
5873fa |
@@ -305,22 +305,17 @@ reslimit_get_ext(Slapi_Connection *conn, const char *logname, SLAPIResLimitConnD
|
|
|
5873fa |
int
|
|
|
5873fa |
reslimit_update_from_dn(Slapi_Connection *conn, Slapi_DN *dn)
|
|
|
5873fa |
{
|
|
|
5873fa |
- Slapi_Entry *e;
|
|
|
5873fa |
+ Slapi_PBlock *pb = NULL;
|
|
|
5873fa |
+ Slapi_Entry *e = NULL;
|
|
|
5873fa |
int rc;
|
|
|
5873fa |
|
|
|
5873fa |
- e = NULL;
|
|
|
5873fa |
if (dn != NULL) {
|
|
|
5873fa |
-
|
|
|
5873fa |
char **attrs = reslimit_get_registered_attributes();
|
|
|
5873fa |
- (void)slapi_search_internal_get_entry(dn, attrs, &e, reslimit_componentid);
|
|
|
5873fa |
+ slapi_search_get_entry(&pb, dn, attrs, &e, reslimit_componentid);
|
|
|
5873fa |
charray_free(attrs);
|
|
|
5873fa |
}
|
|
|
5873fa |
-
|
|
|
5873fa |
rc = reslimit_update_from_entry(conn, e);
|
|
|
5873fa |
-
|
|
|
5873fa |
- if (NULL != e) {
|
|
|
5873fa |
- slapi_entry_free(e);
|
|
|
5873fa |
- }
|
|
|
5873fa |
+ slapi_search_get_entry_done(&pb;;
|
|
|
5873fa |
|
|
|
5873fa |
return (rc);
|
|
|
5873fa |
}
|
|
|
5873fa |
diff --git a/ldap/servers/slapd/schema.c b/ldap/servers/slapd/schema.c
|
|
|
5873fa |
index d44b03b0e..bf7e59f75 100644
|
|
|
5873fa |
--- a/ldap/servers/slapd/schema.c
|
|
|
5873fa |
+++ b/ldap/servers/slapd/schema.c
|
|
|
5873fa |
@@ -341,6 +341,7 @@ schema_policy_add_action(Slapi_Entry *entry, char *attrName, schema_item_t **lis
|
|
|
5873fa |
static void
|
|
|
5873fa |
schema_load_repl_policy(const char *dn, repl_schema_policy_t *replica)
|
|
|
5873fa |
{
|
|
|
5873fa |
+ Slapi_PBlock *pb = NULL;
|
|
|
5873fa |
Slapi_DN sdn;
|
|
|
5873fa |
Slapi_Entry *entry = NULL;
|
|
|
5873fa |
schema_item_t *schema_item, *next;
|
|
|
5873fa |
@@ -369,8 +370,7 @@ schema_load_repl_policy(const char *dn, repl_schema_policy_t *replica)
|
|
|
5873fa |
|
|
|
5873fa |
/* Load the replication policy of the schema */
|
|
|
5873fa |
slapi_sdn_init_dn_byref(&sdn, dn);
|
|
|
5873fa |
- if (slapi_search_internal_get_entry(&sdn, NULL, &entry, plugin_get_default_component_id()) == LDAP_SUCCESS) {
|
|
|
5873fa |
-
|
|
|
5873fa |
+ if (slapi_search_get_entry(&pb, &sdn, NULL, &entry, plugin_get_default_component_id()) == LDAP_SUCCESS) {
|
|
|
5873fa |
/* fill the policies (accept/reject) regarding objectclass */
|
|
|
5873fa |
schema_policy_add_action(entry, ATTR_SCHEMA_UPDATE_OBJECTCLASS_ACCEPT, &replica->objectclasses);
|
|
|
5873fa |
schema_policy_add_action(entry, ATTR_SCHEMA_UPDATE_OBJECTCLASS_REJECT, &replica->objectclasses);
|
|
|
5873fa |
@@ -378,9 +378,8 @@ schema_load_repl_policy(const char *dn, repl_schema_policy_t *replica)
|
|
|
5873fa |
/* fill the policies (accept/reject) regarding attribute */
|
|
|
5873fa |
schema_policy_add_action(entry, ATTR_SCHEMA_UPDATE_ATTRIBUTE_ACCEPT, &replica->attributes);
|
|
|
5873fa |
schema_policy_add_action(entry, ATTR_SCHEMA_UPDATE_ATTRIBUTE_REJECT, &replica->attributes);
|
|
|
5873fa |
-
|
|
|
5873fa |
- slapi_entry_free(entry);
|
|
|
5873fa |
}
|
|
|
5873fa |
+ slapi_search_get_entry_done(&pb;;
|
|
|
5873fa |
slapi_sdn_done(&sdn;;
|
|
|
5873fa |
}
|
|
|
5873fa |
|
|
|
5873fa |
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
|
|
|
5873fa |
index 0e3857068..be1e52e4d 100644
|
|
|
5873fa |
--- a/ldap/servers/slapd/slapi-plugin.h
|
|
|
5873fa |
+++ b/ldap/servers/slapd/slapi-plugin.h
|
|
|
5873fa |
@@ -5972,7 +5972,7 @@ void slapi_seq_internal_set_pb(Slapi_PBlock *pb, char *ibase, int type, char *at
|
|
|
5873fa |
|
|
|
5873fa |
/*
|
|
|
5873fa |
* slapi_search_internal_get_entry() finds an entry given a dn. It returns
|
|
|
5873fa |
- * an LDAP error code (LDAP_SUCCESS if all goes well).
|
|
|
5873fa |
+ * an LDAP error code (LDAP_SUCCESS if all goes well). Caller must free ret_entry
|
|
|
5873fa |
*/
|
|
|
5873fa |
int slapi_search_internal_get_entry(Slapi_DN *dn, char **attrlist, Slapi_Entry **ret_entry, void *caller_identity);
|
|
|
5873fa |
|
|
|
5873fa |
@@ -8296,6 +8296,27 @@ uint64_t slapi_atomic_decr_64(uint64_t *ptr, int memorder);
|
|
|
5873fa |
/* helper function */
|
|
|
5873fa |
const char * slapi_fetch_attr(Slapi_Entry *e, const char *attrname, char *default_val);
|
|
|
5873fa |
|
|
|
5873fa |
+/**
|
|
|
5873fa |
+ * Get a Slapi_Entry via an internal search. The caller then needs to call
|
|
|
5873fa |
+ * slapi_get_entry_done() to free any resources allocated to get the entry
|
|
|
5873fa |
+ *
|
|
|
5873fa |
+ * \param pb - slapi_pblock pointer (the function will allocate if necessary)
|
|
|
5873fa |
+ * \param dn - Slapi_DN of the entry to retrieve
|
|
|
5873fa |
+ * \param attrs - char list of attributes to get
|
|
|
5873fa |
+ * \param ret_entry - pointer to a Slapi_entry wer the returned entry is stored
|
|
|
5873fa |
+ * \param component_identity - plugin component
|
|
|
5873fa |
+ *
|
|
|
5873fa |
+ * \return - ldap result code
|
|
|
5873fa |
+ */
|
|
|
5873fa |
+int32_t slapi_search_get_entry(Slapi_PBlock **pb, Slapi_DN *dn, char **attrs, Slapi_Entry **ret_entry, void *component_identity);
|
|
|
5873fa |
+
|
|
|
5873fa |
+/**
|
|
|
5873fa |
+ * Free the resources allocated by slapi_search_get_entry()
|
|
|
5873fa |
+ *
|
|
|
5873fa |
+ * \param pb - slapi_pblock pointer
|
|
|
5873fa |
+ */
|
|
|
5873fa |
+void slapi_search_get_entry_done(Slapi_PBlock **pb);
|
|
|
5873fa |
+
|
|
|
5873fa |
#ifdef __cplusplus
|
|
|
5873fa |
}
|
|
|
5873fa |
#endif
|
|
|
5873fa |
--
|
|
|
5873fa |
2.26.2
|
|
|
5873fa |
|