/* attribute.c - bdb backend acl attribute routine */
/* $OpenLDAP$ */
/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
#include "back-bdb.h"
#include "proto-bdb.h"
-
/* return LDAP_SUCCESS IFF we can retrieve the attributes
* of entry with e_ndn
*/
Entry *target,
struct berval *entry_ndn,
AttributeDescription *entry_at,
- struct berval ***vals )
+ BerVarray *vals )
{
- struct bdbinfo *li = (struct bdbinfo *) be->be_private;
+ struct bdb_info *bdb = (struct bdb_info *) be->be_private;
+ struct bdb_op_info *boi = (struct bdb_op_info *) op->o_private;
+ DB_TXN *txn = NULL;
Entry *e;
int i, j, rc;
Attribute *attr;
- struct berval **v;
+ BerVarray v;
const char *entry_at_name = entry_at->ad_cname.bv_val;
+ AccessControlState acl_state = ACL_STATE_INIT;
#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_ARGS,
target ? target->e_ndn : "", 0, 0 );
#endif
- if (target != NULL && strcmp(target->e_ndn, entry_ndn->bv_val) == 0) {
+ if( boi != NULL && be == boi->boi_bdb ) {
+ txn = boi->boi_txn;
+ }
+
+ if (target != NULL && dn_match(&target->e_nname, entry_ndn)) {
/* we already have a LOCKED copy of the entry */
e = target;
#ifdef NEW_LOGGING
} else {
/* can we find entry */
- rc = bdb_dn2entry( be, NULL, entry_ndn, &e, NULL, 0 );
+ rc = bdb_dn2entry_r( be, NULL, entry_ndn, &e, NULL, 0 );
switch( rc ) {
case DB_NOTFOUND:
case 0:
break;
default:
+ if( txn != NULL ) {
+ boi->boi_err = rc;
+ }
return LDAP_OTHER;
}
if (e == NULL) {
#endif
}
+#ifdef BDB_ALIASES
/* find attribute values */
if( is_entry_alias( e ) ) {
#ifdef NEW_LOGGING
rc = LDAP_ALIAS_PROBLEM;
goto return_results;
}
+#endif
if( is_entry_referral( e ) ) {
#ifdef NEW_LOGGING
}
if (conn != NULL && op != NULL
- && access_allowed(be, conn, op, e, slap_schema.si_ad_entry,
- NULL, ACL_READ) == 0)
+ && access_allowed( be, conn, op, e, slap_schema.si_ad_entry,
+ NULL, ACL_READ, &acl_state ) == 0 )
{
rc = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
if (conn != NULL && op != NULL
- && access_allowed(be, conn, op, e, entry_at, NULL, ACL_READ) == 0)
+ && access_allowed( be, conn, op, e, entry_at, NULL, ACL_READ,
+ &acl_state ) == 0 )
{
rc = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
- for ( i = 0; attr->a_vals[i] != NULL; i++ ) {
+ for ( i = 0; attr->a_vals[i].bv_val != NULL; i++ ) {
/* count them */
}
- v = (struct berval **) ch_malloc( sizeof(struct berval *) * (i+1) );
+ v = (BerVarray) ch_malloc( sizeof(struct berval) * (i+1) );
- for ( i=0, j=0; attr->a_vals[i] != NULL; i++ ) {
+ for ( i=0, j=0; attr->a_vals[i].bv_val != NULL; i++ ) {
if( conn != NULL
&& op != NULL
&& access_allowed(be, conn, op, e, entry_at,
- attr->a_vals[i], ACL_READ) == 0)
+ &attr->a_vals[i], ACL_READ, &acl_state ) == 0)
{
continue;
}
- v[j] = ber_bvdup( attr->a_vals[i] );
+ ber_dupbv( &v[j], &attr->a_vals[i] );
- if( v[j] != NULL ) j++;
+ if( v[j].bv_val != NULL ) j++;
}
if( j == 0 ) {
*vals = NULL;
rc = LDAP_INSUFFICIENT_ACCESS;
} else {
- v[j] = NULL;
+ v[j].bv_val = NULL;
+ v[j].bv_len = 0;
*vals = v;
rc = LDAP_SUCCESS;
}
return_results:
if( target != e ) {
/* free entry */
- bdb_entry_return( be, e );
+ bdb_cache_return_entry_r(&bdb->bi_cache, e);
}
#ifdef NEW_LOGGING