From 12e11c9b84586768a816c05736652117e6b04553 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Tue, 18 Aug 2020 23:19:56 +0100
Subject: [PATCH] ITS#9121 slapo-dynlist, -memberof: define memberOf if needed

Ignore if it's defined already. Make it no-user-mod.
---
 servers/slapd/overlays/dynlist.c  | 22 ++++++++++++++++++++++
 servers/slapd/overlays/memberof.c |  6 +++---
 2 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/servers/slapd/overlays/dynlist.c b/servers/slapd/overlays/dynlist.c
index 182295ea6c..7fd113a289 100644
--- a/servers/slapd/overlays/dynlist.c
+++ b/servers/slapd/overlays/dynlist.c
@@ -37,6 +37,7 @@
 #include "lutil.h"
 
 static AttributeDescription *ad_dgIdentity, *ad_dgAuthz;
+static AttributeDescription *ad_memberOf;
 
 typedef struct dynlist_map_t {
 	AttributeDescription	*dlm_member_ad;
@@ -2626,8 +2627,29 @@ static
 int
 dynlist_initialize(void)
 {
+	const char *text;
 	int	rc = 0;
 
+	/* See if we need to define memberOf opattr */
+	rc = slap_str2ad( "memberOf", &ad_memberOf, &text );
+	if ( rc ) {
+		rc = register_at(
+		"( 1.2.840.113556.1.2.102 "
+		"NAME 'memberOf' "
+		"DESC 'Group that the entry belongs to' "
+		"SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' "
+		"EQUALITY distinguishedNameMatch "	/* added */
+		"USAGE dSAOperation "			/* added; questioned */
+		"NO-USER-MODIFICATION " 		/* added */
+		"X-ORIGIN 'iPlanet Delegated Administrator' )",
+		&ad_memberOf, 0 );
+		if ( rc ) {
+			Debug( LDAP_DEBUG_ANY,
+				"dynlist_initialize: register_at (memberOf) failed\n" );
+			return rc;
+		}
+	}
+
 	dynlist.on_bi.bi_type = "dynlist";
 
 #ifdef TAKEOVER_DYNGROUP
diff --git a/servers/slapd/overlays/memberof.c b/servers/slapd/overlays/memberof.c
index 6d60fc1443..8e159bc2f3 100644
--- a/servers/slapd/overlays/memberof.c
+++ b/servers/slapd/overlays/memberof.c
@@ -2155,7 +2155,7 @@ static struct {
 		"SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' "
 		"EQUALITY distinguishedNameMatch "	/* added */
 		"USAGE dSAOperation "			/* added; questioned */
-		/* "NO-USER-MODIFICATION " */		/* add? */
+		"NO-USER-MODIFICATION " 		/* added */
 		"X-ORIGIN 'iPlanet Delegated Administrator' )",
 		&ad_memberOf },
 	{ NULL }
@@ -2170,8 +2170,8 @@ memberof_initialize( void )
 	int			code, i;
 
 	for ( i = 0; as[ i ].desc != NULL; i++ ) {
-		code = register_at( as[ i ].desc, as[ i ].adp, 0 );
-		if ( code ) {
+		code = register_at( as[ i ].desc, as[ i ].adp, 1 );
+		if ( code && code != SLAP_SCHERR_ATTR_DUP ) {
 			Debug( LDAP_DEBUG_ANY,
 				"memberof_initialize: register_at #%d failed\n",
 				i );