ITS#7215 Allow cleanups/commits to fail (once)

Some config changes need to be prepared at entry modification time and
then checked/committed at the end. Such a check can fail, so we need to
do this early enough and also commit the opposite change during a revert
step.

The assumption is that the original version is consistent and bconfig
can accurately reconstruct it, so the revert cleanups will not fail and
so all of them get to be run. We set ca->reply.err so that the cleanups
can be made aware and comply with this assumption.

diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 0a1a3593b0108342a3e5eaac266a82bf376d9365..ca4e76cc7ae4daa236365492a9c757ef2176a33c 100644 (file)
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -5835,6 +5835,7 @@ done:
                } else if ( coptr->co_type == Cft_Schema ) {
                        schema_destroy_one( ca, colst, nocs, last );
                } else if ( ca->num_cleanups ) {
+                       ca->reply.err = rc;
                        config_run_cleanup( ca );
                }
        }
@@ -6327,6 +6328,11 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
                }
        }
 
+       /* Apply pending changes */
+       if ( rc == LDAP_SUCCESS && ca->num_cleanups ) {
+               rc = config_run_cleanup( ca );
+       }
+
 out:
        /* Undo for a failed operation */
        if ( rc != LDAP_SUCCESS ) {
@@ -6371,14 +6377,12 @@ out:
                                }
                        }
                }
+               if ( ca->num_cleanups ) {
+                       ca->reply.err = rc;
+                       config_run_cleanup( ca );
+               }
                ca->reply = msg;
        }
-
-       if ( ca->num_cleanups ) {
-               i = config_run_cleanup( ca );
-               if (rc == LDAP_SUCCESS)
-                       rc = i;
-       }
 out_noop:
        if ( rc == LDAP_SUCCESS ) {
                attrs_free( save_attrs );