Ticket #47422 - With 1.3.04 and subtree-renaming OFF, when a user is deleted after restarting the server, the same entry can't be added

Bug description:
1) As reported by baburaje12, regardless of the  nsslapd-subtree-
   rename-switch, "entrydn" was not stored in the id2entry db. The
   attribute value had to be stored in the db file if the switch
   was off.  Attribute values to avoid storing in the db file are
   maintained in an array protected_attrs_all statically. "Entrydn"
   should be dynamic depending on the switch.
2) When the switch is off, import was skipping to generate the
   parentid index, which leads to skipping to create the entrydn,
   as well.

Fix description:
1) Instead of keeping "entrydn" in the protected_attrs_all statically,
   this patch introduces an api set_attr_to_protected_list to add or
   remove "entrydn" based upon the value of nsslapd-subtree-rename-
   switch.
2) The condition to create a parentid index is fixed to always
   create it if the nsslapd-subtree-rename-switch is off.

https://fedorahosted.org/389/ticket/47422

Reviewed by rmeggins (Thank you, Rich!)

ldap/servers/slapd/back-ldbm/import-threads.c

@@ -2713,9 +2713,10 @@ next:
             goto error;
         }
 
-        if (entryrdn_get_switch() /* subtree-rename: on */ &&
+        if ((entryrdn_get_switch() /* subtree-rename: on */ &&
             !slapi_entry_flag_is_set(fi->entry->ep_entry,
-                                     SLAPI_ENTRY_FLAG_TOMBSTONE)) {
+                                     SLAPI_ENTRY_FLAG_TOMBSTONE)) ||
+            !entryrdn_get_switch()) {
             /* parentid index
              * (we have to do this here, because the parentID is dependent on
              * looking up by entrydn/entryrdn.)

ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c

@@ -136,6 +136,15 @@ void
 entryrdn_set_switch(int val)
 {
     entryrdn_switch = val;
+
+    if (entryrdn_switch) { /* entryrdn on */
+        /* Don't store entrydn in the db */
+        set_attr_to_protected_list(SLAPI_ATTR_ENTRYDN, 0);
+    } else {               /* entryrdn off */
+        /* Store entrydn in the db */
+        set_attr_to_protected_list(SLAPI_ATTR_ENTRYDN, 1);
+    }
+
     return;
 }
 

ldap/servers/slapd/entry.c

@@ -76,9 +76,27 @@ static void entry_vattr_free_nolock(Slapi_Entry *e);
 
 /* protected attributes which are not included in the flattened entry,
  * which will be stored in the db. */
-static char *protected_attrs_all [] = {PSEUDO_ATTR_UNHASHEDUSERPASSWORD,
-                                       SLAPI_ATTR_ENTRYDN,
-                                       NULL};
+static char **protected_attrs_all = NULL;
+
+/* 
+ * add or delete attr to or from protected_attr_all list depending on the flag.
+ * flag: 0 -- add
+ *       1 -- delete
+ */
+void
+set_attr_to_protected_list(char *attr, int flag)
+{
+    if (charray_inlist(protected_attrs_all, attr)) { /* attr is in the list */
+        if (flag) { /* delete */
+			charray_remove(protected_attrs_all, attr, 1);
+        }
+    } else { /* attr is not in the list */
+        if (!flag) { /* add */
+            charray_add(&protected_attrs_all, slapi_ch_strdup(attr));
+        }
+    }
+}
+
 #if defined(USE_OLD_UNHASHED)
 static char *forbidden_attrs [] = {PSEUDO_ATTR_UNHASHEDUSERPASSWORD,
                                    NULL};

ldap/servers/slapd/init.c

@@ -83,6 +83,8 @@ slapd_init()
 		exit( -1 );
 	}
 
+	/* Add PSEUDO_ATTR_UNHASHEDUSERPASSWORD to the protected attribute list */
+	set_attr_to_protected_list(PSEUDO_ATTR_UNHASHEDUSERPASSWORD, 0);
 #ifndef HAVE_TIME_R
 	if ((time_func_mutex = PR_NewLock()) == NULL ) {
                 LDAPDebug( LDAP_DEBUG_ANY,

ldap/servers/slapd/slapi-private.h

@@ -337,6 +337,7 @@ int entry_apply_mods( Slapi_Entry *e, LDAPMod **mods );
 int is_type_protected(const char *type);
 int entry_apply_mods_ignore_error( Slapi_Entry *e, LDAPMod **mods, int ignore_error );
 int slapi_entries_diff(Slapi_Entry **old_entries, Slapi_Entry **new_entries, int testall, const char *logging_prestr, const int force_update, void *plg_id);
+void set_attr_to_protected_list(char *attr, int flag);
 
 /* entrywsi.c */
 CSN* entry_assign_operation_csn ( Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *parententry );