- if( conn->c_authz_backend != NULL &&
- conn->c_authz_backend->be_extended )
- {
- rc = conn->c_authz_backend->be_extended(
- conn->c_authz_backend,
- conn, op, oid, reqdata, rspdata, text );
+ if (backend_check_restrictions( op, rs,
+ (struct berval *)&slap_EXOP_MODIFY_PASSWD ) != LDAP_SUCCESS) {
+ return rs->sr_err;
+ }
+
+ if( op->o_bd == NULL ) {
+#ifdef HAVE_CYRUS_SASL
+ rs->sr_err = slap_sasl_setpass( op, rs );
+#else
+ rs->sr_text = "no authz backend";
+ rs->sr_err = LDAP_OTHER;
+#endif
+
+#ifndef SLAPD_MULTIMASTER
+ /* This does not apply to multi-master case */
+ } else if( op->o_bd->be_update_ndn.bv_len ) {
+ /* we SHOULD return a referral in this case */
+ rs->sr_ref = referral_rewrite( op->o_bd->be_update_refs,
+ NULL, NULL, LDAP_SCOPE_DEFAULT );
+ rs->sr_err = LDAP_REFERRAL;
+#endif /* !SLAPD_MULTIMASTER */