Apply fix for schema check bug (ITS#25) from -devel.

diff --git a/CHANGES b/CHANGES
index ed133c30d402a7b212bea32e900ed249400f4166..a3dbced03630076879874f1254802999c33ff7f2 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,9 +2,10 @@ OpenLDAP Change Log
 
 Changes included in OpenLDAP 1.1.2
        CVS Tag: OPENLDAP_REL_ENG_1_1_2
+       Fixed slapd schema check bug
+       Fixed slapd/back-ldbm/search matched initialization bug
        Fixed misc. overlapping strcpy bugs
        Fixed misc. memory leaks
-       Fixed slapd/back-ldbm/search matched initialization bug
 
 Changes included in OpenLDAP 1.1.1
        CVS Tag: OPENLDAP_REL_ENG_1_1_1

diff --git a/servers/slapd/charray.c b/servers/slapd/charray.c
index 26a669cd60e1e7ddcbb014372f60a49099e0ce01..c2eb56ceaa06b5c57acc202d96c02be05f2a6107 100644 (file)
--- a/servers/slapd/charray.c
+++ b/servers/slapd/charray.c
@@ -29,7 +29,7 @@ charray_add(
                    (n + 2) * sizeof(char *) );
        }
 
-       (*a)[n++] = s;
+       (*a)[n++] = ch_strdup(s);
        (*a)[n] = NULL;
 }
 
@@ -51,7 +51,7 @@ charray_merge(
        *a = (char **) ch_realloc( (char *) *a, (n + nn + 1) * sizeof(char *) );
 
        for ( i = 0; i < nn; i++ ) {
-               (*a)[n + i] = s[i];
+               (*a)[n + i] = ch_strdup(s[i]);
        }
        (*a)[n + nn] = NULL;
 }

diff --git a/servers/slapd/schema.c b/servers/slapd/schema.c
index 05dbd557776223c31098cd61c1172c32576a0653..f4fab6022c3403ff5e94d6b2a5c05cf38754ba2e 100644 (file)
--- a/servers/slapd/schema.c
+++ b/servers/slapd/schema.c
@@ -10,7 +10,7 @@
 #include "slap.h"
 
 static struct objclass *oc_find(char *ocname);
-static int             oc_check_required(Entry *e, char *ocname);
+static char *  oc_check_required(Entry *e, char *ocname);
 static int             oc_check_allowed(char *type, struct berval **ocl);
 
 /*
@@ -35,10 +35,12 @@ oc_schema_check( Entry *e )
 
        /* check that the entry has required attrs for each oc */
        for ( i = 0; aoc->a_vals[i] != NULL; i++ ) {
-               if ( oc_check_required( e, aoc->a_vals[i]->bv_val ) != 0 ) {
+               char *s = oc_check_required( e, aoc->a_vals[i]->bv_val );
+
+               if (s != NULL) {
                        Debug( LDAP_DEBUG_ANY,
-                           "Entry (%s), required attr (%s) missing\n",
-                           e->e_dn, aoc->a_vals[i]->bv_val, 0 );
+                           "Entry (%s), oc \"%s\" requires attr \"%s\"\n",
+                           e->e_dn, aoc->a_vals[i]->bv_val, s );
                        ret = 1;
                }
        }
@@ -51,7 +53,7 @@ oc_schema_check( Entry *e )
        for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
                if ( oc_check_allowed( a->a_type, aoc->a_vals ) != 0 ) {
                        Debug( LDAP_DEBUG_ANY,
-                           "Entry (%s), attr (%s) not allowed\n",
+                           "Entry (%s), attr \"%s\" not allowed\n",
                            e->e_dn, a->a_type, 0 );
                        ret = 1;
                }
@@ -60,7 +62,7 @@ oc_schema_check( Entry *e )
        return( ret );
 }
 
-static int
+static char *
 oc_check_required( Entry *e, char *ocname )
 {
        struct objclass *oc;
@@ -89,11 +91,25 @@ oc_check_required( Entry *e, char *ocname )
 
                /* not there => schema violation */
                if ( a == NULL ) {
-                       return( 1 );
+                       return oc->oc_required[i];
                }
        }
 
-       return( 0 );
+       return( NULL );
+}
+
+/*
+ * check to see if attribute is 'operational' or not.
+ * this function should be externalized...
+ */
+static int
+oc_check_operational( char *type )
+{
+       return ( strcasecmp( type, "modifiersname" ) == 0 ||
+               strcasecmp( type, "modifytimestamp" ) == 0 ||
+               strcasecmp( type, "creatorsname" ) == 0 ||
+               strcasecmp( type, "createtimestamp" ) == 0 )
+               ? 1 : 0;
 }
 
 static int
@@ -107,6 +123,10 @@ oc_check_allowed( char *type, struct berval **ocl )
                return( 0 );
        }
 
+       if ( oc_check_operational( type ) ) {
+               return( 0 );
+       }
+
        /* check that the type appears as req or opt in at least one oc */
        for ( i = 0; ocl[i] != NULL; i++ ) {
                /* if we know about the oc */

diff --git a/tests/data/slapd-master.conf b/tests/data/slapd-master.conf
index 2b936ab605f9f3fb83ae7dac84c95e2b39051551..74ce2d19b00fa86e987cd3984536438b24445883 100644 (file)
--- a/tests/data/slapd-master.conf
+++ b/tests/data/slapd-master.conf
@@ -3,13 +3,14 @@
 #
 include                ./data/slapd.at.conf
 include                ./data/slapd.oc.conf
-schemacheck    off
+schemacheck    on
 
 #######################################################################
 # ldbm database definitions
 #######################################################################
 
 database       ldbm
+cachesize      4
 suffix         "o=University of Michigan, c=US"
 directory      ./test-db
 rootdn         "cn=Manager, o=University of Michigan, c=US"

diff --git a/tests/data/slapd.oc.conf b/tests/data/slapd.oc.conf
index 94f2349ba5f8ba1268c33299979d154f2431de4f..02e3b2bdb17d175a2859cd7dd37eaba22d5f24cb 100644 (file)
--- a/tests/data/slapd.oc.conf
+++ b/tests/data/slapd.oc.conf
@@ -83,18 +83,17 @@ objectclass organizationalUnit
 objectclass person
        requires
                objectClass,
-               sn,
                cn
        allows
                description,
                seeAlso,
+               sn,
                telephoneNumber,
                userPassword
 
 objectclass organizationalPerson
        requires
                objectClass,
-               sn,
                cn
        allows
                description,
@@ -110,6 +109,7 @@ objectclass organizationalPerson
                preferredDeliveryMethod,
                registeredAddress,
                seeAlso,
+               sn,
                st,
                streetAddress,
                telephoneNumber,
@@ -161,7 +161,6 @@ objectclass groupOfNames
 objectclass residentialPerson
        requires
                objectClass,
-               sn,
                cn,
                l
        allows
@@ -178,6 +177,7 @@ objectclass residentialPerson
                preferredDeliveryMethod,
                registeredAddress,
                seeAlso,
+               sn,
                st,
                streetAddress,
                telephoneNumber,
@@ -261,7 +261,6 @@ objectclass pilotObject
 objectclass newPilotPerson
        requires
                objectClass,
-               sn,
                cn
        allows
                businessCategory,
@@ -270,6 +269,8 @@ objectclass newPilotPerson
                homePhone,
                homePostalAddress,
                janetMailbox,
+               lastModifiedBy,
+               lastModifiedTime,
                mail,
                mailPreferenceOption,
                mobile,
@@ -282,6 +283,7 @@ objectclass newPilotPerson
                roomNumber,
                secretary,
                seeAlso,
+               sn,
                telephoneNumber,
                textEncodedORaddress,
                uid,
@@ -663,9 +665,7 @@ objectclass kerberosSecurityObject
 objectclass umichPerson
        requires
                objectClass,
-               sn,
-               cn,
-               universityID
+               cn
        allows
                affiliationCode,
                audio,
@@ -714,6 +714,7 @@ objectclass umichPerson
                roomNumber,
                secretary,
                seeAlso,
+               sn,
                st,
                streetAddress,
                telephoneNumber,
@@ -722,6 +723,7 @@ objectclass umichPerson
                textEncodedORaddress,
                title,
                uid,
+               universityID,
                updateSource,
                userCertificate,
                userClass,