Bug 602456 - Allow to add any cn=config attributes;

allow to delete some cn=config attributes

https://bugzilla.redhat.com/show_bug.cgi?id=602456

Description:
commit e6c0ce5d97a78689722fe3c627f7a99cf81f6b77 included a
config param value type mismatch.  The value is a string,
not an array of strings.

To verify the fix, the following command line should return
the space separated config attribute list.
$ ldapsearch ... -b "cn=config" "(cn=*)" nsslapd-allowed-to-delete-attrs
nsslapd-allowed-to-delete-attrs: nsslapd-listenhost nsslapd-securelistenhost

ldap/servers/slapd/configdse.c

@@ -127,16 +127,21 @@ ignore_attr_type(const char *attr_type)
 static int
 allowed_to_delete_attrs(const char *attr_type)
 {
+	int rc = 0;
 	if (attr_type) {
-		char **ap = config_get_allowed_to_delete_attrs();
-		for ( ; ap && *ap; ap++) {
+		char *delattrs = config_get_allowed_to_delete_attrs();
+		char **allowed = slapi_str2charray_ext(delattrs, " ", 0);
+		char **ap;
+		for (ap = allowed; ap && *ap; ap++) {
 			if (strcasecmp (attr_type, *ap) == 0) {
-				return 1;
+				rc = 1;
+				break;
 			}
 		}
+		slapi_ch_array_free(allowed);
+		slapi_ch_free_string(&delattrs);
 	}
-
-	return 0;
+	return rc;
 }
 
 int 

ldap/servers/slapd/libglobs.c

@@ -1012,10 +1012,7 @@ FrontendConfig_init () {
   cfg->auditlog_exptimeunit = slapi_ch_strdup("month");
 
   cfg->entryusn_global = LDAP_OFF; 
-  slapi_ch_array_add(&(cfg->allowed_to_delete_attrs),
-                     slapi_ch_strdup("nsslapd-listenhost"));
-  slapi_ch_array_add(&(cfg->allowed_to_delete_attrs),
-                     slapi_ch_strdup("nsslapd-securelistenhost"));
+  cfg->allowed_to_delete_attrs = slapi_ch_strdup("nsslapd-listenhost nsslapd-securelistenhost");
 
 #ifdef MEMPOOL_EXPERIMENTAL
   cfg->mempool_switch = LDAP_ON;
@@ -5587,13 +5584,13 @@ config_set_entryusn_global( const char *attrname, char *value,
     return retVal;
 }
 
-char **
+char *
 config_get_allowed_to_delete_attrs(void)
 {
-    char **retVal;
+    char *retVal;
     slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
     CFG_LOCK_READ(slapdFrontendConfig);
-    retVal = slapdFrontendConfig->allowed_to_delete_attrs;
+    retVal = slapi_ch_strdup(slapdFrontendConfig->allowed_to_delete_attrs);
     CFG_UNLOCK_READ(slapdFrontendConfig);
 
     return retVal;
@@ -5608,9 +5605,8 @@ config_set_allowed_to_delete_attrs( const char *attrname, char *value,
 
     if (apply) {
         CFG_LOCK_WRITE(slapdFrontendConfig);
-        slapi_ch_array_free(slapdFrontendConfig->allowed_to_delete_attrs);
-        slapdFrontendConfig->allowed_to_delete_attrs = 
-                                           slapi_str2charray_ext(value, " ", 0);
+        slapi_ch_free_string(&(slapdFrontendConfig->allowed_to_delete_attrs));
+        slapdFrontendConfig->allowed_to_delete_attrs = slapi_ch_strdup(value);
         CFG_UNLOCK_WRITE(slapdFrontendConfig);
     }
     return retVal;

ldap/servers/slapd/proto-slap.h

@@ -513,7 +513,7 @@ int config_get_system_page_bits();
 #endif
 int config_get_force_sasl_external();
 int config_get_entryusn_global(void);
-char **config_get_allowed_to_delete_attrs(void);
+char *config_get_allowed_to_delete_attrs(void);
 
 int is_abspath(const char *);
 char* rel2abspath( char * );