From 9066d1429095c0648097fd9c9ded110c28e85e85 Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Tue, 21 Aug 2007 14:52:43 +0000 Subject: [PATCH] add support for tree delete along with minor fixes (portions ITS#3497) --- servers/slapd/back-sql/back-sql.h | 56 +-- servers/slapd/back-sql/delete.c | 542 +++++++++++++++++++----------- servers/slapd/back-sql/entry-id.c | 6 +- servers/slapd/back-sql/init.c | 2 +- servers/slapd/back-sql/modify.c | 6 +- servers/slapd/back-sql/modrdn.c | 8 +- servers/slapd/back-sql/search.c | 14 +- tests/data/sql-write.out | 102 ++++++ 8 files changed, 503 insertions(+), 233 deletions(-) diff --git a/servers/slapd/back-sql/back-sql.h b/servers/slapd/back-sql/back-sql.h index 7f336724ee..98d06bc5e6 100644 --- a/servers/slapd/back-sql/back-sql.h +++ b/servers/slapd/back-sql/back-sql.h @@ -266,31 +266,6 @@ typedef struct backsql_api { struct backsql_api *ba_next; } backsql_api; -/* - * Entry ID structure - */ -typedef struct backsql_entryID { - /* #define BACKSQL_ARBITRARY_KEY to allow a non-numeric key. - * It is required by some special applications that use - * strings as keys for the main table. - * In this case, #define BACKSQL_MAX_KEY_LEN consistently - * with the key size definition */ -#ifdef BACKSQL_ARBITRARY_KEY - struct berval eid_id; - struct berval eid_keyval; -#define BACKSQL_MAX_KEY_LEN 64 -#else /* ! BACKSQL_ARBITRARY_KEY */ - /* The original numeric key is maintained as default. */ - unsigned long eid_id; - unsigned long eid_keyval; -#endif /* ! BACKSQL_ARBITRARY_KEY */ - - unsigned long eid_oc_id; - struct berval eid_dn; - struct berval eid_ndn; - struct backsql_entryID *eid_next; -} backsql_entryID; - #ifdef BACKSQL_ARBITRARY_KEY #define BACKSQL_ENTRYID_INIT { BER_BVNULL, BER_BVNULL, 0, BER_BVNULL, BER_BVNULL, NULL } #else /* ! BACKSQL_ARBITRARY_KEY */ @@ -397,14 +372,43 @@ typedef struct berbuf { #define BB_NULL { BER_BVNULL, 0 } +/* + * Entry ID structure + */ +typedef struct backsql_entryID { + /* #define BACKSQL_ARBITRARY_KEY to allow a non-numeric key. + * It is required by some special applications that use + * strings as keys for the main table. + * In this case, #define BACKSQL_MAX_KEY_LEN consistently + * with the key size definition */ +#ifdef BACKSQL_ARBITRARY_KEY + struct berval eid_id; + struct berval eid_keyval; +#define BACKSQL_MAX_KEY_LEN 64 +#else /* ! BACKSQL_ARBITRARY_KEY */ + /* The original numeric key is maintained as default. */ + unsigned long eid_id; + unsigned long eid_keyval; +#endif /* ! BACKSQL_ARBITRARY_KEY */ + + unsigned long eid_oc_id; + backsql_oc_map_rec *eid_oc; + struct berval eid_dn; + struct berval eid_ndn; + struct backsql_entryID *eid_next; +} backsql_entryID; + /* the function must collect the entry associated to nbase */ #define BACKSQL_ISF_GET_ID 0x1U #define BACKSQL_ISF_GET_ENTRY ( 0x2U | BACKSQL_ISF_GET_ID ) -#define BACKSQL_ISF_MATCHED 0x4U +#define BACKSQL_ISF_GET_OC ( 0x4U | BACKSQL_ISF_GET_ID ) +#define BACKSQL_ISF_MATCHED 0x8U #define BACKSQL_IS_GET_ID(f) \ ( ( (f) & BACKSQL_ISF_GET_ID ) == BACKSQL_ISF_GET_ID ) #define BACKSQL_IS_GET_ENTRY(f) \ ( ( (f) & BACKSQL_ISF_GET_ENTRY ) == BACKSQL_ISF_GET_ENTRY ) +#define BACKSQL_IS_GET_OC(f) \ + ( ( (f) & BACKSQL_ISF_GET_OC ) == BACKSQL_ISF_GET_OC ) #define BACKSQL_IS_MATCHED(f) \ ( ( (f) & BACKSQL_ISF_MATCHED ) == BACKSQL_ISF_MATCHED ) typedef struct backsql_srch_info { diff --git a/servers/slapd/back-sql/delete.c b/servers/slapd/back-sql/delete.c index 8b3ec7c2ed..ac0f9f62a7 100644 --- a/servers/slapd/back-sql/delete.c +++ b/servers/slapd/back-sql/delete.c @@ -58,8 +58,7 @@ backsql_delete_all_attrs( Operation *op, SlapReply *rs, SQLHDBC dbh, - backsql_entryID *e_id, - backsql_oc_map_rec *oc ) + backsql_entryID *eid ) { backsql_delete_attr_t bda; int rc; @@ -67,9 +66,9 @@ backsql_delete_all_attrs( bda.op = op; bda.rs = rs; bda.dbh = dbh; - bda.e_id = e_id; + bda.e_id = eid; - rc = avl_apply( oc->bom_attrs, backsql_delete_attr_f, &bda, + rc = avl_apply( eid->eid_oc->bom_attrs, backsql_delete_attr_f, &bda, BACKSQL_AVL_STOP, AVL_INORDER ); if ( rc == BACKSQL_AVL_STOP ) { return rs->sr_err; @@ -78,22 +77,344 @@ backsql_delete_all_attrs( return LDAP_SUCCESS; } +static int +backsql_delete_int( + Operation *op, + SlapReply *rs, + SQLHDBC dbh, + SQLHSTMT *sthp, + backsql_entryID *eid, + Entry **ep ) +{ + backsql_info *bi = (backsql_info*)op->o_bd->be_private; + SQLHSTMT sth = SQL_NULL_HSTMT; + RETCODE rc; + int prc = LDAP_SUCCESS; + /* first parameter no */ + SQLUSMALLINT pno = 0; + + sth = *sthp; + + /* avl_apply ... */ + rs->sr_err = backsql_delete_all_attrs( op, rs, dbh, eid ); + if ( rs->sr_err != LDAP_SUCCESS ) { + goto done; + } + + rc = backsql_Prepare( dbh, &sth, eid->eid_oc->bom_delete_proc, 0 ); + if ( rc != SQL_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + " backsql_delete(): " + "error preparing delete query\n", + 0, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); + + rs->sr_err = LDAP_OTHER; + rs->sr_text = "SQL-backend error"; + *ep = NULL; + goto done; + } + + if ( BACKSQL_IS_DEL( eid->eid_oc->bom_expect_return ) ) { + pno = 1; + rc = backsql_BindParamInt( sth, 1, SQL_PARAM_OUTPUT, &prc ); + if ( rc != SQL_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + " backsql_delete(): " + "error binding output parameter for objectClass %s\n", + eid->eid_oc->bom_oc->soc_cname.bv_val, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, + sth, rc ); + SQLFreeStmt( sth, SQL_DROP ); + + rs->sr_text = "SQL-backend error"; + rs->sr_err = LDAP_OTHER; + *ep = NULL; + goto done; + } + } + + rc = backsql_BindParamID( sth, pno + 1, SQL_PARAM_INPUT, &eid->eid_keyval ); + if ( rc != SQL_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + " backsql_delete(): " + "error binding keyval parameter for objectClass %s\n", + eid->eid_oc->bom_oc->soc_cname.bv_val, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, + sth, rc ); + SQLFreeStmt( sth, SQL_DROP ); + + rs->sr_text = "SQL-backend error"; + rs->sr_err = LDAP_OTHER; + *ep = NULL; + goto done; + } + + rc = SQLExecute( sth ); + if ( rc == SQL_SUCCESS && prc == LDAP_SUCCESS ) { + rs->sr_err = LDAP_SUCCESS; + + } else { + Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " + "delete_proc execution failed (rc=%d, prc=%d)\n", + rc, prc, 0 ); + + + if ( prc != LDAP_SUCCESS ) { + /* SQL procedure executed fine + * but returned an error */ + rs->sr_err = BACKSQL_SANITIZE_ERROR( prc ); + + } else { + backsql_PrintErrors( bi->sql_db_env, dbh, + sth, rc ); + rs->sr_err = LDAP_OTHER; + } + SQLFreeStmt( sth, SQL_DROP ); + goto done; + } + SQLFreeStmt( sth, SQL_DROP ); + + /* delete "auxiliary" objectClasses, if any... */ + rc = backsql_Prepare( dbh, &sth, bi->sql_delobjclasses_stmt, 0 ); + if ( rc != SQL_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + " backsql_delete(): " + "error preparing ldap_entry_objclasses delete query\n", + 0, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); + + rs->sr_err = LDAP_OTHER; + rs->sr_text = "SQL-backend error"; + *ep = NULL; + goto done; + } + + rc = backsql_BindParamID( sth, 1, SQL_PARAM_INPUT, &eid->eid_id ); + if ( rc != SQL_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + " backsql_delete(): " + "error binding auxiliary objectClasses " + "entry ID parameter for objectClass %s\n", + eid->eid_oc->bom_oc->soc_cname.bv_val, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, + sth, rc ); + SQLFreeStmt( sth, SQL_DROP ); + + rs->sr_text = "SQL-backend error"; + rs->sr_err = LDAP_OTHER; + *ep = NULL; + goto done; + } + + rc = SQLExecute( sth ); + switch ( rc ) { + case SQL_NO_DATA: + /* apparently there were no "auxiliary" objectClasses + * for this entry... */ + case SQL_SUCCESS: + break; + + default: + Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " + "failed to delete record from ldap_entry_objclasses\n", + 0, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); + SQLFreeStmt( sth, SQL_DROP ); + rs->sr_err = LDAP_OTHER; + rs->sr_text = "SQL-backend error"; + *ep = NULL; + goto done; + } + SQLFreeStmt( sth, SQL_DROP ); + + /* delete entry... */ + rc = backsql_Prepare( dbh, &sth, bi->sql_delentry_stmt, 0 ); + if ( rc != SQL_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + " backsql_delete(): " + "error preparing ldap_entries delete query\n", + 0, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); + + rs->sr_err = LDAP_OTHER; + rs->sr_text = "SQL-backend error"; + *ep = NULL; + goto done; + } + + rc = backsql_BindParamID( sth, 1, SQL_PARAM_INPUT, &eid->eid_id ); + if ( rc != SQL_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, + " backsql_delete(): " + "error binding entry ID parameter " + "for objectClass %s\n", + eid->eid_oc->bom_oc->soc_cname.bv_val, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, + sth, rc ); + SQLFreeStmt( sth, SQL_DROP ); + + rs->sr_text = "SQL-backend error"; + rs->sr_err = LDAP_OTHER; + *ep = NULL; + goto done; + } + + rc = SQLExecute( sth ); + if ( rc != SQL_SUCCESS ) { + Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " + "failed to delete record from ldap_entries\n", + 0, 0, 0 ); + backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); + SQLFreeStmt( sth, SQL_DROP ); + rs->sr_err = LDAP_OTHER; + rs->sr_text = "SQL-backend error"; + *ep = NULL; + goto done; + } + SQLFreeStmt( sth, SQL_DROP ); + + rs->sr_err = LDAP_SUCCESS; + *ep = NULL; + +done:; + *sthp = sth; + + return rs->sr_err; +} + +typedef struct backsql_tree_delete_t { + Operation *btd_op; + int btd_rc; + backsql_entryID *btd_eid; +} backsql_tree_delete_t; + +static int +backsql_tree_delete_search_cb( Operation *op, SlapReply *rs ) +{ + if ( rs->sr_type == REP_SEARCH ) { + backsql_info *bi = (backsql_info*)op->o_bd->be_private; + backsql_tree_delete_t *btd; + backsql_entryID *eid; + + btd = (backsql_tree_delete_t *)op->o_callback->sc_private; + + if ( !access_allowed( btd->btd_op, rs->sr_entry, + slap_schema.si_ad_entry, NULL, ACL_WDEL, NULL ) + || !access_allowed( btd->btd_op, rs->sr_entry, + slap_schema.si_ad_children, NULL, ACL_WDEL, NULL ) ) + { + btd->btd_rc = LDAP_INSUFFICIENT_ACCESS; + return rs->sr_err = LDAP_UNAVAILABLE; + } + + assert( rs->sr_entry != NULL ); + assert( rs->sr_entry->e_private != NULL ); + + eid = (backsql_entryID *)rs->sr_entry->e_private; + assert( eid->eid_oc != NULL ); + if ( eid->eid_oc == NULL || eid->eid_oc->bom_delete_proc == NULL ) { + btd->btd_rc = LDAP_UNWILLING_TO_PERFORM; + return rs->sr_err = LDAP_UNAVAILABLE; + } + + eid = backsql_entryID_dup( eid, op->o_tmpmemctx ); + eid->eid_next = btd->btd_eid; + btd->btd_eid = eid; + } + + return 0; +} + +static int +backsql_tree_delete( + Operation *op, + SlapReply *rs, + SQLHDBC dbh, + SQLHSTMT *sthp ) +{ + Operation op2 = *op; + slap_callback sc = { 0 }; + SlapReply rs2 = { 0 }; + Filter f = { 0 }; + backsql_tree_delete_t btd = { 0 }; + + int rc; + + /* + * - perform an internal subtree search as the rootdn + * - for each entry + * - check access + * - check objectClass and delete method(s) + * - for each entry + * - delete + * - if successful, commit + */ + + op2.o_tag = LDAP_REQ_SEARCH; + op2.o_protocol = LDAP_VERSION3; + + btd.btd_op = op; + sc.sc_private = &btd; + sc.sc_response = backsql_tree_delete_search_cb; + op2.o_callback = ≻ + + op2.o_dn = op->o_bd->be_rootdn; + op2.o_ndn = op->o_bd->be_rootndn; + + op2.o_managedsait = SLAP_CONTROL_CRITICAL; + + op2.ors_scope = LDAP_SCOPE_SUBTREE; + op2.ors_deref = LDAP_DEREF_NEVER; + op2.ors_slimit = SLAP_NO_LIMIT; + op2.ors_tlimit = SLAP_NO_LIMIT; + op2.ors_filter = &f; + f.f_choice = LDAP_FILTER_PRESENT; + f.f_desc = slap_schema.si_ad_objectClass; + BER_BVSTR( &op2.ors_filterstr, "(objectClass=*)" ); + op2.ors_attrs = slap_anlist_all_attributes; + op2.ors_attrsonly = 0; + + rc = op->o_bd->be_search( &op2, &rs2 ); + if ( rc != LDAP_SUCCESS ) { + rc = rs->sr_err = btd.btd_rc; + rs->sr_text = "subtree delete not possible"; + send_ldap_result( op, rs ); + goto clean; + } + + for ( ; btd.btd_eid != NULL; + btd.btd_eid = backsql_free_entryID( btd.btd_eid, + 1, op->o_tmpmemctx ) ) + { + Entry *e = (void *)0xbad; + rc = backsql_delete_int( op, rs, dbh, sthp, btd.btd_eid, &e ); + if ( rc != LDAP_SUCCESS ) { + break; + } + } + +clean:; + for ( ; btd.btd_eid != NULL; + btd.btd_eid = backsql_free_entryID( btd.btd_eid, + 1, op->o_tmpmemctx ) ) + ; + + return rc; +} + int backsql_delete( Operation *op, SlapReply *rs ) { backsql_info *bi = (backsql_info*)op->o_bd->be_private; SQLHDBC dbh = SQL_NULL_HDBC; SQLHSTMT sth = SQL_NULL_HSTMT; - RETCODE rc; - int prc = LDAP_SUCCESS; backsql_oc_map_rec *oc = NULL; backsql_srch_info bsi = { 0 }; backsql_entryID e_id = { 0 }; Entry d = { 0 }, p = { 0 }, *e = NULL; struct berval pdn = BER_BVNULL; int manageDSAit = get_manageDSAit( op ); - /* first parameter no */ - SQLUSMALLINT pno = 0; Debug( LDAP_DEBUG_TRACE, "==>backsql_delete(): deleting entry \"%s\"\n", op->o_req_ndn.bv_val, 0, 0 ); @@ -108,7 +429,7 @@ backsql_delete( Operation *op, SlapReply *rs ) e = NULL; goto done; } - + /* * Get the entry */ @@ -116,7 +437,7 @@ backsql_delete( Operation *op, SlapReply *rs ) rs->sr_err = backsql_init_search( &bsi, &op->o_req_ndn, LDAP_SCOPE_BASE, (time_t)(-1), NULL, dbh, op, rs, slap_anlist_no_attrs, - ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) ); + ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY | BACKSQL_ISF_GET_OC ) ); switch ( rs->sr_err ) { case LDAP_SUCCESS: break; @@ -179,8 +500,10 @@ backsql_delete( Operation *op, SlapReply *rs ) case LDAP_COMPARE_TRUE: if ( get_treeDelete( op ) ) { - /* not supported yet */ ; + rs->sr_err = LDAP_SUCCESS; + break; } + Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " "entry \"%s\" has children\n", op->o_req_dn.bv_val, 0, 0 ); @@ -193,17 +516,8 @@ backsql_delete( Operation *op, SlapReply *rs ) goto done; } - oc = backsql_id2oc( bi, bsi.bsi_base_id.eid_oc_id ); - if ( oc == NULL ) { - Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " - "cannot determine objectclass of entry -- aborting\n", - 0, 0, 0 ); - rs->sr_err = LDAP_UNWILLING_TO_PERFORM; - rs->sr_text = "operation not permitted within namingContext"; - e = NULL; - goto done; - } - + assert( bsi.bsi_base_id.eid_oc != NULL ); + oc = bsi.bsi_base_id.eid_oc; if ( oc->bom_delete_proc == NULL ) { Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " "delete procedure is not defined " @@ -218,6 +532,7 @@ backsql_delete( Operation *op, SlapReply *rs ) * Get the parent */ e_id = bsi.bsi_base_id; + memset( &bsi.bsi_base_id, 0, sizeof( bsi.bsi_base_id ) ); if ( !be_issuffix( op->o_bd, &op->o_req_ndn ) ) { dnParent( &op->o_req_ndn, &pdn ); bsi.bsi_e = &p; @@ -251,188 +566,17 @@ backsql_delete( Operation *op, SlapReply *rs ) } } - /* avl_apply ... */ - rs->sr_err = backsql_delete_all_attrs( op, rs, dbh, &e_id, oc ); - if ( rs->sr_err != LDAP_SUCCESS ) { - e = &d; - goto done; - } - - rc = backsql_Prepare( dbh, &sth, oc->bom_delete_proc, 0 ); - if ( rc != SQL_SUCCESS ) { - Debug( LDAP_DEBUG_TRACE, - " backsql_delete(): " - "error preparing delete query\n", - 0, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); - - rs->sr_err = LDAP_OTHER; - rs->sr_text = "SQL-backend error"; - e = NULL; - goto done; - } - - if ( BACKSQL_IS_DEL( oc->bom_expect_return ) ) { - pno = 1; - rc = backsql_BindParamInt( sth, 1, SQL_PARAM_OUTPUT, &prc ); - if ( rc != SQL_SUCCESS ) { - Debug( LDAP_DEBUG_TRACE, - " backsql_delete(): " - "error binding output parameter for objectClass %s\n", - oc->bom_oc->soc_cname.bv_val, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, - sth, rc ); - SQLFreeStmt( sth, SQL_DROP ); - - rs->sr_text = "SQL-backend error"; - rs->sr_err = LDAP_OTHER; + e = &d; + if ( get_treeDelete( op ) ) { + backsql_tree_delete( op, rs, dbh, &sth ); + if ( rs->sr_err == LDAP_OTHER || rs->sr_err == LDAP_SUCCESS ) + { e = NULL; - goto done; } - } - - rc = backsql_BindParamID( sth, pno + 1, SQL_PARAM_INPUT, &e_id.eid_keyval ); - if ( rc != SQL_SUCCESS ) { - Debug( LDAP_DEBUG_TRACE, - " backsql_delete(): " - "error binding keyval parameter for objectClass %s\n", - oc->bom_oc->soc_cname.bv_val, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, - sth, rc ); - SQLFreeStmt( sth, SQL_DROP ); - - rs->sr_text = "SQL-backend error"; - rs->sr_err = LDAP_OTHER; - e = NULL; - goto done; - } - - rc = SQLExecute( sth ); - if ( rc == SQL_SUCCESS && prc == LDAP_SUCCESS ) { - rs->sr_err = LDAP_SUCCESS; } else { - Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " - "delete_proc execution failed (rc=%d, prc=%d)\n", - rc, prc, 0 ); - - - if ( prc != LDAP_SUCCESS ) { - /* SQL procedure executed fine - * but returned an error */ - rs->sr_err = BACKSQL_SANITIZE_ERROR( prc ); - - } else { - backsql_PrintErrors( bi->sql_db_env, dbh, - sth, rc ); - rs->sr_err = LDAP_OTHER; - } - SQLFreeStmt( sth, SQL_DROP ); - e = &d; - goto done; + backsql_delete_int( op, rs, dbh, &sth, &e_id, &e ); } - SQLFreeStmt( sth, SQL_DROP ); - - /* delete "auxiliary" objectClasses, if any... */ - rc = backsql_Prepare( dbh, &sth, bi->sql_delobjclasses_stmt, 0 ); - if ( rc != SQL_SUCCESS ) { - Debug( LDAP_DEBUG_TRACE, - " backsql_delete(): " - "error preparing ldap_entry_objclasses delete query\n", - 0, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); - - rs->sr_err = LDAP_OTHER; - rs->sr_text = "SQL-backend error"; - e = NULL; - goto done; - } - - rc = backsql_BindParamID( sth, 1, SQL_PARAM_INPUT, &e_id.eid_id ); - if ( rc != SQL_SUCCESS ) { - Debug( LDAP_DEBUG_TRACE, - " backsql_delete(): " - "error binding auxiliary objectClasses " - "entry ID parameter for objectClass %s\n", - oc->bom_oc->soc_cname.bv_val, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, - sth, rc ); - SQLFreeStmt( sth, SQL_DROP ); - - rs->sr_text = "SQL-backend error"; - rs->sr_err = LDAP_OTHER; - e = NULL; - goto done; - } - - rc = SQLExecute( sth ); - switch ( rc ) { - case SQL_NO_DATA: - /* apparently there were no "auxiliary" objectClasses - * for this entry... */ - case SQL_SUCCESS: - break; - - default: - Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " - "failed to delete record from ldap_entry_objclasses\n", - 0, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); - SQLFreeStmt( sth, SQL_DROP ); - rs->sr_err = LDAP_OTHER; - rs->sr_text = "SQL-backend error"; - e = NULL; - goto done; - } - SQLFreeStmt( sth, SQL_DROP ); - - /* delete entry... */ - rc = backsql_Prepare( dbh, &sth, bi->sql_delentry_stmt, 0 ); - if ( rc != SQL_SUCCESS ) { - Debug( LDAP_DEBUG_TRACE, - " backsql_delete(): " - "error preparing ldap_entries delete query\n", - 0, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); - - rs->sr_err = LDAP_OTHER; - rs->sr_text = "SQL-backend error"; - e = NULL; - goto done; - } - - rc = backsql_BindParamID( sth, 1, SQL_PARAM_INPUT, &e_id.eid_id ); - if ( rc != SQL_SUCCESS ) { - Debug( LDAP_DEBUG_TRACE, - " backsql_delete(): " - "error binding entry ID parameter " - "for objectClass %s\n", - oc->bom_oc->soc_cname.bv_val, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, - sth, rc ); - SQLFreeStmt( sth, SQL_DROP ); - - rs->sr_text = "SQL-backend error"; - rs->sr_err = LDAP_OTHER; - e = NULL; - goto done; - } - - rc = SQLExecute( sth ); - if ( rc != SQL_SUCCESS ) { - Debug( LDAP_DEBUG_TRACE, " backsql_delete(): " - "failed to delete record from ldap_entries\n", - 0, 0, 0 ); - backsql_PrintErrors( bi->sql_db_env, dbh, sth, rc ); - SQLFreeStmt( sth, SQL_DROP ); - rs->sr_err = LDAP_OTHER; - rs->sr_text = "SQL-backend error"; - e = NULL; - goto done; - } - SQLFreeStmt( sth, SQL_DROP ); - - rs->sr_err = LDAP_SUCCESS; /* * Commit only if all operations succeed diff --git a/servers/slapd/back-sql/entry-id.c b/servers/slapd/back-sql/entry-id.c index b86fc477a5..78f1da1445 100644 --- a/servers/slapd/back-sql/entry-id.c +++ b/servers/slapd/back-sql/entry-id.c @@ -58,6 +58,7 @@ backsql_entryID_dup( backsql_entryID *src, void *ctx ) dst->eid_keyval = src->eid_keyval; #endif /* ! BACKSQL_ARBITRARY_KEY */ + dst->eid_oc = src->eid_oc; dst->eid_oc_id = src->eid_oc_id; return dst; @@ -953,8 +954,11 @@ backsql_id2entry( backsql_srch_info *bsi, backsql_entryID *eid ) bsi->bsi_e->e_attrs = NULL; bsi->bsi_e->e_private = NULL; - bsi->bsi_oc = backsql_id2oc( bsi->bsi_op->o_bd->be_private, + if ( eid->eid_oc == NULL ) { + eid->eid_oc = backsql_id2oc( bsi->bsi_op->o_bd->be_private, eid->eid_oc_id ); + } + bsi->bsi_oc = eid->eid_oc; bsi->bsi_c_eid = eid; #ifndef BACKSQL_ARBITRARY_KEY diff --git a/servers/slapd/back-sql/init.c b/servers/slapd/back-sql/init.c index 5f6bd0c2b8..0f9dc65c22 100644 --- a/servers/slapd/back-sql/init.c +++ b/servers/slapd/back-sql/init.c @@ -38,7 +38,7 @@ sql_back_initialize( LDAP_CONTROL_ASSERT, LDAP_CONTROL_MANAGEDSAIT, LDAP_CONTROL_NOOP, -#if 0 /* SLAP_CONTROL_X_TREE_DELETE */ +#ifdef SLAP_CONTROL_X_TREE_DELETE SLAP_CONTROL_X_TREE_DELETE, #endif /* SLAP_CONTROL_X_TREE_DELETE */ LDAP_CONTROL_PAGEDRESULTS, diff --git a/servers/slapd/back-sql/modify.c b/servers/slapd/back-sql/modify.c index 0d84b3fef5..ca1fc3ba79 100644 --- a/servers/slapd/back-sql/modify.c +++ b/servers/slapd/back-sql/modify.c @@ -67,7 +67,7 @@ backsql_modify( Operation *op, SlapReply *rs ) LDAP_SCOPE_BASE, (time_t)(-1), NULL, dbh, op, rs, slap_anlist_all_attributes, - ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) ); + ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY | BACKSQL_ISF_GET_OC ) ); switch ( rs->sr_err ) { case LDAP_SUCCESS: break; @@ -124,8 +124,8 @@ backsql_modify( Operation *op, SlapReply *rs ) slap_mods_opattrs( op, &op->orm_modlist, 1 ); - oc = backsql_id2oc( bi, bsi.bsi_base_id.eid_oc_id ); - assert( oc != NULL ); + assert( bsi.bsi_base_id.eid_oc != NULL ); + oc = bsi.bsi_base_id.eid_oc; if ( !acl_check_modlist( op, &m, op->orm_modlist ) ) { rs->sr_err = LDAP_INSUFFICIENT_ACCESS; diff --git a/servers/slapd/back-sql/modrdn.c b/servers/slapd/back-sql/modrdn.c index 92613faba8..1e6805a7fd 100644 --- a/servers/slapd/back-sql/modrdn.c +++ b/servers/slapd/back-sql/modrdn.c @@ -72,7 +72,7 @@ backsql_modrdn( Operation *op, SlapReply *rs ) LDAP_SCOPE_BASE, (time_t)(-1), NULL, dbh, op, rs, slap_anlist_all_attributes, - ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY ) ); + ( BACKSQL_ISF_MATCHED | BACKSQL_ISF_GET_ENTRY | BACKSQL_ISF_GET_OC ) ); switch ( rs->sr_err ) { case LDAP_SUCCESS: break; @@ -164,6 +164,7 @@ backsql_modrdn( Operation *op, SlapReply *rs ) */ bsi.bsi_e = &p; e_id = bsi.bsi_base_id; + memset( &bsi.bsi_base_id, 0, sizeof( bsi.bsi_base_id ) ); rs->sr_err = backsql_init_search( &bsi, &pndn, LDAP_SCOPE_BASE, (time_t)(-1), NULL, dbh, op, rs, @@ -259,6 +260,8 @@ backsql_modrdn( Operation *op, SlapReply *rs ) new_npdn = &pndn; } + memset( &bsi.bsi_base_id, 0, sizeof( bsi.bsi_base_id ) ); + if ( newSuperior && dn_match( &pndn, new_npdn ) ) { Debug( LDAP_DEBUG_TRACE, " backsql_modrdn(): " "newSuperior is equal to old parent - ignored\n", @@ -395,7 +398,8 @@ backsql_modrdn( Operation *op, SlapReply *rs ) slap_mods_opattrs( op, &op->orr_modlist, 1 ); - oc = backsql_id2oc( bi, e_id.eid_oc_id ); + assert( e_id.eid_oc != NULL ); + oc = e_id.eid_oc; rs->sr_err = backsql_modify_internal( op, rs, dbh, oc, &e_id, op->orr_modlist ); slap_graduate_commit_csn( op ); if ( rs->sr_err != LDAP_SUCCESS ) { diff --git a/servers/slapd/back-sql/search.c b/servers/slapd/back-sql/search.c index db0ccb580e..e293151dea 100644 --- a/servers/slapd/back-sql/search.c +++ b/servers/slapd/back-sql/search.c @@ -339,6 +339,17 @@ backsql_init_search( rs->sr_err = rc; } } + + if ( gotit && BACKSQL_IS_GET_OC( flags ) ) { + bsi->bsi_base_id.eid_oc = backsql_id2oc( bi, + bsi->bsi_base_id.eid_oc_id ); + if ( bsi->bsi_base_id.eid_oc == NULL ) { + /* error? */ + backsql_free_entryID( &bsi->bsi_base_id, 1, + op->o_tmpmemctx ); + rc = rs->sr_err = LDAP_OTHER; + } + } } bsi->bsi_status = rc; @@ -1915,6 +1926,7 @@ backsql_oc_get_candidates( void *v_oc, void *v_bsi ) goto cleanup; } #endif /* ! BACKSQL_ARBITRARY_KEY */ + c_id->eid_oc = bsi->bsi_oc; c_id->eid_oc_id = bsi->bsi_oc->bom_id; c_id->eid_dn = pdn; @@ -2643,7 +2655,7 @@ backsql_entry_release( { backsql_entry_clean( op, e ); - ch_free( e ); + entry_free( e ); return 0; } diff --git a/tests/data/sql-write.out b/tests/data/sql-write.out index 9fb7d5340f..45fa164315 100644 --- a/tests/data/sql-write.out +++ b/tests/data/sql-write.out @@ -1,9 +1,26 @@ # Using ldapsearch to retrieve all the entries... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: pkiUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: documentTitle=book1,dc=example,dc=com objectClass: document @@ -49,9 +66,26 @@ telephoneNumber: 545-4563 # Using ldapsearch to retrieve all the entries... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: pkiUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: o=An Org,dc=example,dc=com objectClass: organization @@ -144,9 +178,26 @@ documentIdentifier: document 3 # Using ldapsearch to retrieve all the entries... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: pkiUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: o=An Org,dc=example,dc=com objectClass: organization @@ -242,9 +293,26 @@ documentIdentifier: document 3 # Using ldapsearch to retrieve all the entries... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: pkiUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: o=An Org,dc=example,dc=com objectClass: organization @@ -315,9 +383,26 @@ documentIdentifier: document 3 # Using ldapsearch to retrieve all the entries... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: pkiUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: dc=example,dc=com objectClass: organization @@ -402,9 +487,26 @@ ref: ldap://localhost:9009/ # Using ldapsearch to retrieve all the entries... dn: cn=Akakiy Zinberstein,dc=example,dc=com objectClass: inetOrgPerson +objectClass: pkiUser cn: Akakiy Zinberstein sn: Zinberstein givenName: Akakiy +userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV + QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH + RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc + NMDMxMDE3MTYzMzE5WhcNMDQxMDE2MTYzMzE5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs + aWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTHRkLjEYMBYGA1UEAxMPVXJzdWxhI + EhhbXBzdGVyMR8wHQYJKoZIhvcNAQkBFhB1aGFtQGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQ + UAA4GNADCBiQKBgQDuxgp5ELV9LmhxWMpV7qc4028QQT3+zzFDXhruuXE7ji2n3S3ea8bOwDtJh+q + nsDe561DhHHHlgIjMKCiDEizYMpxvJPYEXmvp0huRkMgpKZgmel95BSkt6TYmJ0erS3aoimOHLEFi + mmnTLolNRMiWqNBvqwobx940PGwUWEePKQIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4Q + gENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSjI94TbBmuDEeUUO + iC37EK0Uf0XjCBoQYDVR0jBIGZMIGWgBRLbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1U + EBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0 + ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAM + A0GCSqGSIb3DQEBBAUAA4GBAIgUcARb3OlWYNbmr1nmqESuxLn16uqI1Ot6WkcICvpkdQ+Bo+R9AP + 05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j + ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN dn: dc=example,dc=com objectClass: organization