Clear ocflags

[openldap] / servers / slapd / back-ldap / extended.c

diff --git a/servers/slapd/back-ldap/extended.c b/servers/slapd/back-ldap/extended.c
index 8f643e1c9324833e5e05c903037a25124e241260..364d8905f9dfe5a348fb04aa1a43cb130a7dc75c 100644 (file)
--- a/servers/slapd/back-ldap/extended.c
+++ b/servers/slapd/back-ldap/extended.c
@@ -1,9 +1,24 @@
 /* extended.c - ldap backend extended routines */
 /* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 2003 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
  */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by the Howard Chu for inclusion
+ * in OpenLDAP Software and subsequently enhanced by Pierangelo
+ * Masarati. 
+ */
+/* This is an altered version */
 
 #include "portable.h"
 
@@ -33,7 +48,40 @@ ldap_back_extended(
 
        for( i=0; exop_table[i].extended != NULL; i++ ) {
                if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) {
+#ifdef LDAP_BACK_PROXY_AUTHZ 
+                       struct ldapconn *lc;
+                       LDAPControl **oldctrls = NULL;
+                       int rc;
+
+                       /* FIXME: this needs to be called here, so it is
+                        * called twice; maybe we could avoid the 
+                        * ldap_back_dobind() call inside each extended()
+                        * call ... */
+                       lc = ldap_back_getconn(op, rs);
+                       if (!lc || !ldap_back_dobind(lc, op, rs) ) {
+                               return -1;
+                       }
+
+                       oldctrls = op->o_ctrls;
+                       if ( ldap_back_proxy_authz_ctrl( lc, op, rs, &op->o_ctrls ) ) {
+                               op->o_ctrls = oldctrls;
+                               send_ldap_result( op, rs );
+                               rs->sr_text = NULL;
+                               return rs->sr_err;
+                       }
+
+                       rc = (exop_table[i].extended)( op, rs );
+
+                       if ( op->o_ctrls && op->o_ctrls != oldctrls ) {
+                               free( op->o_ctrls[ 0 ] );
+                               free( op->o_ctrls );
+                       }
+                       op->o_ctrls = oldctrls;
+
+                       return rc;
+#else /* ! LDAP_BACK_PROXY_AUTHZ */
                        return (exop_table[i].extended)( op, rs );
+#endif /* ! LDAP_BACK_PROXY_AUTHZ */
                }
        }
 
@@ -85,7 +133,7 @@ ldap_back_exop_passwd(
                return LDAP_UNWILLING_TO_PERFORM;
        }
        if (id.bv_len) {
-               dc.li = li;
+               dc.rwmap = &li->rwmap;
 #ifdef ENABLE_REWRITE
                dc.conn = op->o_conn;
                dc.rs = rs;