Merge remote branch 'origin/mdb.master'

[openldap] / contrib / slapd-modules / lastbind / lastbind.c

diff --git a/contrib/slapd-modules/lastbind/lastbind.c b/contrib/slapd-modules/lastbind/lastbind.c
index ed20682f2fcdd03bc6bf4547f10476c9bb421c19..9a38a454d7f23d249e23120e1323882bbfb00dee 100644 (file)
--- a/contrib/slapd-modules/lastbind/lastbind.c
+++ b/contrib/slapd-modules/lastbind/lastbind.c
@@ -1,5 +1,6 @@
 /* lastbind.c - Record timestamp of the last successful bind to entries */
-/* 
+/* $OpenLDAP$ */
+/*
  * Copyright 2009 Jonathan Clarke <jonathan@phillipoux.net>.
  * All rights reserved.
  *
@@ -20,7 +21,7 @@
 /*
  * This file implements an overlay that stores the timestamp of the
  * last successful bind operation in a directory entry.
- * 
+ *
  * Optimization: to avoid performing a write on each bind,
  * a precision for this timestamp may be configured, causing it to
  * only be updated if it is older than a given number of seconds.
@@ -108,6 +109,10 @@ lastbind_bind_response( Operation *op, SlapReply *rs )
        Entry *e;
        int rc;
 
+       /* we're only interested if the bind was successful */
+       if ( rs->sr_err != LDAP_SUCCESS )
+               return SLAP_CB_CONTINUE;
+
        rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e );
        op->o_bd->bd_info = bi;
 
@@ -115,8 +120,7 @@ lastbind_bind_response( Operation *op, SlapReply *rs )
                return SLAP_CB_CONTINUE;
        }
 
-       /* we're only interested if the bind was successful */
-       if ( rs->sr_err == LDAP_SUCCESS ) {
+       {
                lastbind_info *lbi = (lastbind_info *) op->o_callback->sc_private;
 
                time_t now, bindtime = (time_t)-1;
@@ -140,7 +144,7 @@ lastbind_bind_response( Operation *op, SlapReply *rs )
                                }
                        }
                }
-               
+
                /* update the authTimestamp in the user's entry with the current time */
                timestamp.bv_val = nowstr;
                timestamp.bv_len = sizeof(nowstr);
@@ -170,13 +174,13 @@ done:
                SlapReply r2 = { REP_RESULT };
                slap_callback cb = { NULL, slap_null_cb, NULL, NULL };
 
-               /* FIXME: Need to handle replication of the operational attribute... 
-                * See password policy overlay */
+               /* This is a DSA-specific opattr, it never gets replicated. */
                op2.o_tag = LDAP_REQ_MODIFY;
                op2.o_callback = &cb;
                op2.orm_modlist = mod;
                op2.o_dn = op->o_bd->be_rootdn;
                op2.o_ndn = op->o_bd->be_rootndn;
+               op2.o_dont_replicate = 1;
                rc = op->o_bd->be_modify( &op2, &r2 );
                slap_mods_free( mod, 1 );
        }
@@ -204,12 +208,12 @@ lastbind_bind( Operation *op, SlapReply *rs )
 
 static int
 lastbind_db_init(
-        BackendDB *be,
-        ConfigReply *cr
+       BackendDB *be,
+       ConfigReply *cr
 )
 {
-        slap_overinst *on = (slap_overinst *) be->bd_info;
-       
+       slap_overinst *on = (slap_overinst *) be->bd_info;
+
        /* initialize private structure to store configuration */
        on->on_bi.bi_private = ch_calloc( 1, sizeof(lastbind_info) );
 
@@ -247,6 +251,8 @@ int lastbind_initialize()
                }
        }
 
+       ad_authTimestamp->ad_type->sat_flags |= SLAP_AT_MANAGEABLE;
+
        lastbind.on_bi.bi_type = "lastbind";
        lastbind.on_bi.bi_db_init = lastbind_db_init;
        lastbind.on_bi.bi_db_close = lastbind_db_close;