ITS#2757: fix parent-less add bug

servers/slapd/back-bdb/add.c

@@ -287,66 +287,49 @@ retry:	/* transaction retry */
 		 * no parent!
 		 *	must be adding entry at suffix or with parent ""
 		 */
-		if ( !be_isroot( op->o_bd, &op->o_ndn )) {
-			if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
-				|| be_isupdate( op->o_bd, &op->o_ndn ) )
-			{
-				p = (Entry *)&slap_entry_root;
+		if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
+			|| be_isupdate( op->o_bd, &op->o_ndn ) )
+		{
+			p = (Entry *)&slap_entry_root;
 
-				/* check parent for "children" acl */
-				rs->sr_err = access_allowed( op, p,
-					children, NULL, ACL_WRITE, NULL );
+			/* check parent for "children" acl */
+			rs->sr_err = access_allowed( op, p,
+				children, NULL, ACL_WRITE, NULL );
 
-				p = NULL;
+			p = NULL;
 
-				if ( ! rs->sr_err ) {
-					switch( opinfo.boi_err ) {
-					case DB_LOCK_DEADLOCK:
-					case DB_LOCK_NOTGRANTED:
-						goto retry;
-					}
-
-#ifdef NEW_LOGGING
-					LDAP_LOG ( OPERATION, DETAIL1, 
-						"bdb_add: no write access to parent\n", 0, 0, 0 );
-#else
-					Debug( LDAP_DEBUG_TRACE,
-						"bdb_add: no write access to parent\n",
-						0, 0, 0 );
-#endif
-					rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
-					rs->sr_text = "no write access to parent";
-					goto return_results;
+			if ( ! rs->sr_err ) {
+				switch( opinfo.boi_err ) {
+				case DB_LOCK_DEADLOCK:
+				case DB_LOCK_NOTGRANTED:
+					goto retry;
 				}
-			} else if ( !is_entry_glue( op->oq_add.rs_e )) {
+
 #ifdef NEW_LOGGING
-				LDAP_LOG ( OPERATION, DETAIL1, "bdb_add: %s denied\n", 
-					pdn.bv_len == 0 ? "suffix" : "entry at root", 0, 0 );
+				LDAP_LOG ( OPERATION, DETAIL1, 
+					"bdb_add: no write access to parent\n", 0, 0, 0 );
 #else
-				Debug( LDAP_DEBUG_TRACE, "bdb_add: %s denied\n",
-					pdn.bv_len == 0 ? "suffix" : "entry at root",
-					0, 0 );
+				Debug( LDAP_DEBUG_TRACE,
+					"bdb_add: no write access to parent\n",
+					0, 0, 0 );
 #endif
-				rs->sr_err = LDAP_NO_SUCH_OBJECT;
+				rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+				rs->sr_text = "no write access to parent";
 				goto return_results;
 			}
-		}
 
-#ifdef BDB_SUBENTRIES
-		if( subentry ) {
+		} else if ( !is_entry_glue( op->oq_add.rs_e )) {
 #ifdef NEW_LOGGING
-			LDAP_LOG ( OPERATION, DETAIL1, 
-				"bdb_add: no parent, cannot add subentry\n", 0, 0, 0 );
+			LDAP_LOG ( OPERATION, DETAIL1, "bdb_add: %s denied\n", 
+				pdn.bv_len == 0 ? "suffix" : "entry at root", 0, 0 );
 #else
-			Debug( LDAP_DEBUG_TRACE,
-				"bdb_add: no parent, cannot add subentry\n",
-				0, 0, 0 );
+			Debug( LDAP_DEBUG_TRACE, "bdb_add: %s denied\n",
+				pdn.bv_len == 0 ? "suffix" : "entry at root",
+				0, 0 );
 #endif
 			rs->sr_err = LDAP_NO_SUCH_OBJECT;
-			rs->sr_text = "no parent, cannot add subentry";
 			goto return_results;
 		}
-#endif
 	}
 
 	if ( get_assert( op ) &&

servers/slapd/back-ldbm/add.c

@@ -234,76 +234,53 @@ ldbm_back_add(
 #endif
 
 	} else {
-		if( pdn.bv_val != NULL )
-		{
+		if( pdn.bv_val != NULL ) {
 			assert( *pdn.bv_val == '\0' );
 		}
 
-		/* no parent, must be adding entry to root */
-		if ( !be_isroot( op->o_bd, &op->o_ndn ) )
+		/* no parent */
+		if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) ||
+			be_isupdate( op->o_bd, &op->o_ndn ) )
 		{
-			if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv ) || be_isupdate( op->o_bd, &op->o_ndn ) ) {
-				p = (Entry *)&slap_entry_root;
+			p = (Entry *)&slap_entry_root;
 				
-				rs->sr_err = access_allowed( op, p,
-					children, NULL, ACL_WRITE, NULL );
-				p = NULL;
+			rs->sr_err = access_allowed( op, p,
+				children, NULL, ACL_WRITE, NULL );
+			p = NULL;
 				
-				if ( ! rs->sr_err ) {
-					ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
-
-#ifdef NEW_LOGGING
-					LDAP_LOG( BACK_LDBM, ERR,
-						"ldbm_back_add: No write "
-						"access to parent (\"\").\n", 0, 0, 0 );
-#else
-					Debug( LDAP_DEBUG_TRACE, 
-						"no write access to parent\n", 
-						0, 0, 0 );
-#endif
-
-					send_ldap_error( op, rs,
-						LDAP_INSUFFICIENT_ACCESS,
-						"no write access to parent" );
-
-					return LDAP_INSUFFICIENT_ACCESS;
-				}
-			} else if ( !is_entry_glue( op->oq_add.rs_e )) {
+			if ( ! rs->sr_err ) {
 				ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 
 #ifdef NEW_LOGGING
 				LDAP_LOG( BACK_LDBM, ERR,
-					   "ldbm_back_add: %s add denied.\n",
-					   pdn.bv_val == NULL ? "suffix" 
-					   : "entry at root", 0, 0 );
+					"ldbm_back_add: No write "
+					"access to parent (\"\").\n", 0, 0, 0 );
 #else
-				Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
-						pdn.bv_val == NULL ? "suffix" 
-						: "entry at root", 0, 0 );
+				Debug( LDAP_DEBUG_TRACE, 
+					"no write access to parent\n", 0, 0, 0 );
 #endif
 
 				send_ldap_error( op, rs,
-						LDAP_NO_SUCH_OBJECT, NULL );
+					LDAP_INSUFFICIENT_ACCESS,
+					"no write access to parent" );
 
-					return LDAP_NO_SUCH_OBJECT;
+				return LDAP_INSUFFICIENT_ACCESS;
 			}
-		}
+		} else if ( !is_entry_glue( op->oq_add.rs_e )) {
+			ldap_pvt_thread_rdwr_wunlock(&li->li_giant_rwlock);
 
-#ifdef LDBM_SUBENTRIES
-		        if( subentry ) {
 #ifdef NEW_LOGGING
-					LDAP_LOG ( OPERATION, DETAIL1,
-						"bdb_add: no parent, cannot add subentry\n", 0, 0, 0 );
+			LDAP_LOG( BACK_LDBM, ERR,
+			   "ldbm_back_add: %s add denied.\n",
+			   pdn.bv_val == NULL ? "suffix" : "entry at root", 0, 0 );
 #else
-					Debug( LDAP_DEBUG_TRACE,
-						"bdb_add: no parent, cannot add subentry\n", 0, 0, 0 );
-#endif
-					rs->sr_err = LDAP_NO_SUCH_OBJECT;
-					rs->sr_text = "no parent, cannot add subentry";
-					goto return_results;
-				}
+			Debug( LDAP_DEBUG_TRACE, "%s add denied\n",
+				pdn.bv_val == NULL ? "suffix" : "entry at root", 0, 0 );
 #endif
 
+			send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT, NULL );
+			return LDAP_NO_SUCH_OBJECT;
+		}
 	}
 
 	if ( next_id( op->o_bd, &op->oq_add.rs_e->e_id ) ) {