Add a retry for entry_get too. (oops)

[openldap] / servers / slapd / back-ldap / extended.c

diff --git a/servers/slapd/back-ldap/extended.c b/servers/slapd/back-ldap/extended.c
index caac505823872870fbc238d4d696794cc47e2283..5008de7acc2e33ec2fb7bdcb848227ca41cf0090 100644 (file)
--- a/servers/slapd/back-ldap/extended.c
+++ b/servers/slapd/back-ldap/extended.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 2003 The OpenLDAP Foundation.
+ * Copyright 2003-2004 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -18,7 +18,6 @@
  * in OpenLDAP Software and subsequently enhanced by Pierangelo
  * Masarati. 
  */
-/* This is an altered version */
 
 #include "portable.h"
 
@@ -48,7 +47,40 @@ ldap_back_extended(
 
        for( i=0; exop_table[i].extended != NULL; i++ ) {
                if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) {
+#ifdef LDAP_BACK_PROXY_AUTHZ 
+                       struct ldapconn *lc;
+                       LDAPControl **oldctrls = NULL;
+                       int rc;
+
+                       /* FIXME: this needs to be called here, so it is
+                        * called twice; maybe we could avoid the 
+                        * ldap_back_dobind() call inside each extended()
+                        * call ... */
+                       lc = ldap_back_getconn(op, rs);
+                       if (!lc || !ldap_back_dobind(lc, op, rs) ) {
+                               return -1;
+                       }
+
+                       oldctrls = op->o_ctrls;
+                       if ( ldap_back_proxy_authz_ctrl( lc, op, rs, &op->o_ctrls ) ) {
+                               op->o_ctrls = oldctrls;
+                               send_ldap_result( op, rs );
+                               rs->sr_text = NULL;
+                               return rs->sr_err;
+                       }
+
+                       rc = (exop_table[i].extended)( op, rs );
+
+                       if ( op->o_ctrls && op->o_ctrls != oldctrls ) {
+                               free( op->o_ctrls[ 0 ] );
+                               free( op->o_ctrls );
+                       }
+                       op->o_ctrls = oldctrls;
+
+                       return rc;
+#else /* ! LDAP_BACK_PROXY_AUTHZ */
                        return (exop_table[i].extended)( op, rs );
+#endif /* ! LDAP_BACK_PROXY_AUTHZ */
                }
        }
 
@@ -63,13 +95,12 @@ ldap_back_exop_passwd(
 {
        struct ldapinfo *li = (struct ldapinfo *) op->o_bd->be_private;
        struct ldapconn *lc;
-       struct berval id = { 0, NULL };
-       struct berval old = { 0, NULL };
-       struct berval new = { 0, NULL };
-       struct berval dn, mdn = { 0, NULL }, newpw;
+       req_pwdexop_s *qpw = &op->oq_pwdexop;
+       struct berval mdn = BER_BVNULL, newpw;
        LDAPMessage *res;
        ber_int_t msgid;
-       int rc;
+       int rc, isproxy;
+       int do_retry = 1;
        dncookie dc;
 
        lc = ldap_back_getconn(op, rs);
@@ -77,54 +108,39 @@ ldap_back_exop_passwd(
                return -1;
        }
 
-       rc = slap_passwd_parse( op->oq_extended.rs_reqdata, &id, &old, &new, &rs->sr_text );
-       if (rc != LDAP_SUCCESS)
-               return rc;
-       
-       if (id.bv_len) {
-               dn = id;
-       } else {
-               dn = op->o_dn;
-       }
+       isproxy = ber_bvcmp( &op->o_req_ndn, &op->o_ndn );
 
-#ifdef NEW_LOGGING
-       LDAP_LOG ( ACL, DETAIL1, "ldap_back_exop_passwd: \"%s\"%s\"\n",
-               dn.bv_val, id.bv_len ? " (proxy)" : "", 0 );
-#else
        Debug( LDAP_DEBUG_TRACE, "ldap_back_exop_passwd: \"%s\"%s\n",
-               dn.bv_val, id.bv_len ? " (proxy)" : "", 0 );
-#endif
+               op->o_req_dn.bv_val, isproxy ? " (proxy)" : "", 0 );
 
-       if (dn.bv_len == 0) {
-               rs->sr_text = "No password is associated with the Root DSE";
-               return LDAP_UNWILLING_TO_PERFORM;
-       }
-       if (id.bv_len) {
+       if ( isproxy ) {
                dc.rwmap = &li->rwmap;
 #ifdef ENABLE_REWRITE
                dc.conn = op->o_conn;
                dc.rs = rs;
-               dc.ctx = "modifyPwd";
+               dc.ctx = "exopPasswdDN";
 #else
                dc.tofrom = 1;
                dc.normalized = 0;
 #endif
-               if ( ldap_back_dn_massage( &dc, &dn, &mdn ) ) {
+               if ( ldap_back_dn_massage( &dc, &op->o_req_dn, &mdn ) ) {
                        send_ldap_result( op, rs );
                        return -1;
                }
        }
 
-       rc = ldap_passwd(lc->ld, id.bv_len ? &mdn : NULL, old.bv_len ? &old : NULL,
-               new.bv_len ? &new : NULL, op->o_ctrls, NULL, &msgid);
-
-       if (mdn.bv_val != dn.bv_val) {
-               free(mdn.bv_val);
-       }
+retry:
+       rc = ldap_passwd(lc->ld, isproxy ? &mdn : NULL,
+               qpw->rs_old.bv_val ? &qpw->rs_old : NULL,
+               qpw->rs_new.bv_val ? &qpw->rs_new : NULL,
+               op->o_ctrls, NULL, &msgid);
 
        if (rc == LDAP_SUCCESS) {
                if (ldap_result(lc->ld, msgid, 1, NULL, &res) == -1) {
                        ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER, &rc);
+                       ldap_back_freeconn( op, lc );
+                       lc = NULL;
+
                } else {
                        /* sigh. parse twice, because parse_passwd doesn't give
                         * us the err / match / msg info.
@@ -147,7 +163,11 @@ ldap_back_exop_passwd(
                }
        }
        if (rc != LDAP_SUCCESS) {
-               rs->sr_err = ldap_back_map_result(rs);
+               rs->sr_err = slap_map_api2result( rs );
+               if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
+                       do_retry = 0;
+                       if ( ldap_back_retry (lc, op, rs )) goto retry;
+               }
                send_ldap_result(op, rs);
                if (rs->sr_matched) free((char *)rs->sr_matched);
                if (rs->sr_text) free((char *)rs->sr_text);
@@ -155,5 +175,9 @@ ldap_back_exop_passwd(
                rs->sr_text = NULL;
                rc = -1;
        }
+       if (mdn.bv_val != op->o_req_dn.bv_val) {
+               free(mdn.bv_val);
+       }
+
        return rc;
 }