handle ordered values as appropriate (ITS#6516)

[openldap] / servers / slapd / back-ldap / compare.c

diff --git a/servers/slapd/back-ldap/compare.c b/servers/slapd/back-ldap/compare.c
index 3ce083f724560c59c1e6f5ddc497838b4898e21c..16fb218d52bf5e471ba0627812cff713ac024ed2 100644 (file)
--- a/servers/slapd/back-ldap/compare.c
+++ b/servers/slapd/back-ldap/compare.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2003-2005 The OpenLDAP Foundation.
+ * Copyright 2003-2009 The OpenLDAP Foundation.
  * Portions Copyright 1999-2003 Howard Chu.
  * Portions Copyright 2000-2003 Pierangelo Masarati.
  * All rights reserved.
@@ -36,45 +36,49 @@ ldap_back_compare(
                Operation       *op,
                SlapReply       *rs )
 {
-       struct ldapconn *lc;
-       ber_int_t       msgid;
-       int             do_retry = 1;
-       LDAPControl     **ctrls = NULL;
-       int             rc = LDAP_SUCCESS;
+       ldapinfo_t              *li = (ldapinfo_t *)op->o_bd->be_private;
 
-       lc = ldap_back_getconn( op, rs );
-       if (!lc || !ldap_back_dobind( lc, op, rs ) ) {
-               rc = -1;
+       ldapconn_t              *lc = NULL;
+       ber_int_t               msgid;
+       ldap_back_send_t        retrying = LDAP_BACK_RETRYING;
+       LDAPControl             **ctrls = NULL;
+       int                     rc = LDAP_SUCCESS;
+
+       if ( !ldap_back_dobind( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+               lc = NULL;
                goto cleanup;
        }
 
+retry:
        ctrls = op->o_ctrls;
-#ifdef LDAP_BACK_PROXY_AUTHZ
-       rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
+       rc = ldap_back_controls_add( op, rs, lc, &ctrls );
        if ( rc != LDAP_SUCCESS ) {
                send_ldap_result( op, rs );
-               rc = -1;
                goto cleanup;
        }
-#endif /* LDAP_BACK_PROXY_AUTHZ */
 
-retry:
-       rs->sr_err = ldap_compare_ext( lc->lc_ld, op->o_req_ndn.bv_val,
+       rs->sr_err = ldap_compare_ext( lc->lc_ld, op->o_req_dn.bv_val,
                        op->orc_ava->aa_desc->ad_cname.bv_val,
                        &op->orc_ava->aa_value, 
                        ctrls, NULL, &msgid );
-       rc = ldap_back_op_result( lc, op, rs, msgid, 1 );
-       if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
-               do_retry = 0;
-               if ( ldap_back_retry(lc, op, rs ) ) {
+       rc = ldap_back_op_result( lc, op, rs, msgid,
+               li->li_timeout[ SLAP_OP_COMPARE ],
+               ( LDAP_BACK_SENDRESULT | retrying ) );
+       if ( rc == LDAP_UNAVAILABLE && retrying ) {
+               retrying &= ~LDAP_BACK_RETRYING;
+               if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+                       /* if the identity changed, there might be need to re-authz */
+                       (void)ldap_back_controls_free( op, rs, &ctrls );
                        goto retry;
                }
        }
 
 cleanup:
-#ifdef LDAP_BACK_PROXY_AUTHZ
-       (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
-#endif /* LDAP_BACK_PROXY_AUTHZ */
+       (void)ldap_back_controls_free( op, rs, &ctrls );
        
-       return rc;
+       if ( lc != NULL ) {
+               ldap_back_release_conn( li, lc );
+       }
+
+       return rs->sr_err;
 }