ID *lastid,
int tentries );
-static int bdb_pfid_cmp( const void *v_id1, const void *v_id2 );
-static ID* bdb_id_dup( Operation *op, ID *id );
-
/* Dereference aliases for a single alias entry. Return the final
* dereferenced entry on success, NULL on any failure.
*/
Entry *matched, *a;
EntryInfo *ei;
struct berval bv_alias = BER_BVC( "alias" );
- AttributeAssertion aa_alias;
+#ifdef LDAP_COMP_MATCH
+ AttributeAssertion aa_alias = { NULL, BER_BVNULL, NULL };
+#else
+ AttributeAssertion aa_alias = { NULL, BER_BVNULL };
+#endif
Filter af;
DB_LOCK locka, lockr;
int first = 1;
Entry *matched = NULL;
EntryInfo *ei, ei_root = {0};
struct berval realbase = BER_BVNULL;
+ slap_mask_t mask;
int manageDSAit;
int tentries = 0;
ID lastid = NOID;
if ( matched != NULL ) {
BerVarray erefs = NULL;
+#ifdef SLAP_ACL_HONOR_DISCLOSE
+ /* return referral only if "disclose"
+ * is granted on the object */
if ( ! access_allowed( op, matched,
slap_schema.si_ad_entry,
NULL, ACL_DISCLOSE, NULL ) )
{
rs->sr_err = LDAP_NO_SUCH_OBJECT;
- } else {
+ } else
+#endif /* SLAP_ACL_HONOR_DISCLOSE */
+ {
ber_dupbv( &matched_dn, &matched->e_name );
erefs = is_entry_referral( matched )
return rs->sr_err;
}
- if ( ! access_allowed( op, e, slap_schema.si_ad_entry,
- NULL, ACL_DISCLOSE, NULL ) )
+#ifdef SLAP_ACL_HONOR_DISCLOSE
+ /* NOTE: __NEW__ "search" access is required
+ * on searchBase object */
+ if ( ! access_allowed_mask( op, e, slap_schema.si_ad_entry,
+ NULL, ACL_SEARCH, NULL, &mask ) )
{
- rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ if ( !ACL_GRANT( mask, ACL_DISCLOSE ) ) {
+ rs->sr_err = LDAP_NO_SUCH_OBJECT;
+ } else {
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ }
#ifdef SLAP_ZONE_ALLOC
slap_zn_runlock(bdb->bi_cache.c_zctx, e);
send_ldap_result( op, rs );
return 1;
}
+#endif /* SLAP_ACL_HONOR_DISCLOSE */
if ( !manageDSAit && e != &e_root && is_entry_referral( e ) ) {
/* entry is a referral, don't allow add */
goto loop_begin;
}
-loop_start:
-
for ( id = bdb_idl_first( candidates, &cursor );
id != NOID ; id = bdb_idl_next( candidates, &cursor ) )
{
int scopeok = 0;
- ID* idhole = NULL;
loop_begin:
/* check for abandon */
if ( op->o_abandon ) {
- rs->sr_err = LDAP_SUCCESS;
+ rs->sr_err = SLAPD_ABANDON;
goto done;
}
int rc, depth = 1;
Filter f, rf, xf, nf;
ID *stack;
- AttributeAssertion aa_ref;
+#ifdef LDAP_COMP_MATCH
+ AttributeAssertion aa_ref = { NULL, BER_BVNULL, NULL };
+#else
+ AttributeAssertion aa_ref = { NULL, BER_BVNULL };
+#endif
#ifdef BDB_SUBENTRIES
Filter sf;
- AttributeAssertion aa_subentry;
+#ifdef LDAP_COMP_MATCH
+ AttributeAssertion aa_subentry = { NULL, BER_BVNULL, NULL };
+#else
+ AttributeAssertion aa_subentry = { NULL, BER_BVNULL };
+#endif
#endif
/*
op->o_conn->c_pagedresults_state.ps_cookie = respcookie;
op->o_conn->c_pagedresults_state.ps_count =
- ((PagedResultsState *)op->o_pagedresults_state)->ps_count + rs->sr_nentries;
+ ((PagedResultsState *)op->o_pagedresults_state)->ps_count +
+ rs->sr_nentries;
/* return size of 0 -- no estimate */
ber_printf( ber, "{iO}", 0, &cookie );
(void) ber_free_buf( ber );
}
-static int
-bdb_pfid_cmp( const void *v_id1, const void *v_id2 )
-{
- const ID *p1 = v_id1, *p2 = v_id2;
- return *p1 - *p2;
-}
-
-static ID*
-bdb_id_dup( Operation *op, ID *id )
-{
- ID *new;
- new = ch_malloc( sizeof(ID) );
- *new = *id;
- return new;
-}