Date: Mon, 22 Jan 2007 13:02:40 -0700
From: Richard Megginson <rmeggins(a)redhat.com>
> > Rob Crittenden wrote:
>> >> Pete Rowley wrote:
>>> >>> New pre-operation plugin:
>> >> In dna_get_next_value() what could cause a call to
>> >> slapi_search_internal_get_entry() to fail that you have to try 3 times?
> > It's actually the mod operation that can fail, the original value is
> > deleted and the new value added in one operation with two mods, if the
> > original value has changed since the search the mod operation will
> > fail. It's a way to get an atomic increment.
Ok. So I think the errors should be treated a little differently. If
the search fails, that's bad - probably a fatal error, or perhaps
someone deleted the configuration entry out from under you. I think
that if the mod fails, you should check the error code, for something
like LDAP_TYPE_OR_VALUE_EXISTS, which means the mod->add failed because
attribute already has that value, or whatever specific error is returned
from the mod->delete value operation when the value doesn't exist.
Other errors are probably fatal.
You should only be able to get LDAP_NO_SUCH_ATTRIBUTE, not
LDAP_TYPE_OR_VALUE_EXISTS from this operation. The delete of the old value
must fail before it even tries to add the new value. This is the standard
test-and-set operation in LDAP. (And of course LDAP_NO_SUCH_OBJECT if someone
is really messing with you...)
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/