Partially revert prev commit, leave rs->sr_err == SLAPD_ABANDON

[openldap] / servers / slapd / back-ldap / modify.c

diff --git a/servers/slapd/back-ldap/modify.c b/servers/slapd/back-ldap/modify.c
index 7e6e7ecad5596d19888117f41e99370944583a27..4635f1568a08daad8f19e7ff1e6e2288f1420c85 100644 (file)
--- a/servers/slapd/back-ldap/modify.c
+++ b/servers/slapd/back-ldap/modify.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1999-2006 The OpenLDAP Foundation.
+ * Copyright 1999-2009 The OpenLDAP Foundation.
  * Portions Copyright 1999-2003 Howard Chu.
  * Portions Copyright 2000-2003 Pierangelo Masarati.
  * All rights reserved.
@@ -38,7 +38,7 @@ ldap_back_modify(
 {
        ldapinfo_t              *li = (ldapinfo_t *)op->o_bd->be_private;
 
-       ldapconn_t              *lc;
+       ldapconn_t              *lc = NULL;
        LDAPMod                 **modv = NULL,
                                *mods = NULL;
        Modifications           *ml;
@@ -48,12 +48,11 @@ ldap_back_modify(
        ldap_back_send_t        retrying = LDAP_BACK_RETRYING;
        LDAPControl             **ctrls = NULL;
 
-       lc = ldap_back_getconn( op, rs, LDAP_BACK_SENDERR );
-       if ( !lc || !ldap_back_dobind( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+       if ( !ldap_back_dobind( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
                return rs->sr_err;
        }
 
-       for ( i = 0, ml = op->oq_modify.rs_modlist; ml; i++, ml = ml->sml_next )
+       for ( i = 0, ml = op->orm_modlist; ml; i++, ml = ml->sml_next )
                /* just count mods */ ;
 
        modv = (LDAPMod **)ch_malloc( ( i + 1 )*sizeof( LDAPMod * )
@@ -65,8 +64,8 @@ ldap_back_modify(
        mods = (LDAPMod *)&modv[ i + 1 ];
 
        isupdate = be_shadow_update( op );
-       for ( i = 0, ml = op->oq_modify.rs_modlist; ml; ml = ml->sml_next ) {
-               if ( !isupdate && !get_manageDIT( op ) && ml->sml_desc->ad_type->sat_no_user_mod  )
+       for ( i = 0, ml = op->orm_modlist; ml; ml = ml->sml_next ) {
+               if ( !isupdate && !get_relax( op ) && ml->sml_desc->ad_type->sat_no_user_mod  )
                {
                        continue;
                }
@@ -98,30 +97,31 @@ ldap_back_modify(
        }
        modv[ i ] = 0;
 
+retry:;
        ctrls = op->o_ctrls;
-       rc = ldap_back_proxy_authz_ctrl( &lc->lc_bound_ndn,
-               li->li_version, &li->li_idassert, op, rs, &ctrls );
+       rc = ldap_back_controls_add( op, rs, lc, &ctrls );
        if ( rc != LDAP_SUCCESS ) {
                send_ldap_result( op, rs );
                rc = -1;
                goto cleanup;
        }
 
-retry:
        rs->sr_err = ldap_modify_ext( lc->lc_ld, op->o_req_dn.bv_val, modv,
                        ctrls, NULL, &msgid );
        rc = ldap_back_op_result( lc, op, rs, msgid,
-               li->li_timeout[ LDAP_BACK_OP_MODIFY],
+               li->li_timeout[ SLAP_OP_MODIFY ],
                ( LDAP_BACK_SENDRESULT | retrying ) );
        if ( rs->sr_err == LDAP_UNAVAILABLE && retrying ) {
                retrying &= ~LDAP_BACK_RETRYING;
                if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+                       /* if the identity changed, there might be need to re-authz */
+                       (void)ldap_back_controls_free( op, rs, &ctrls );
                        goto retry;
                }
        }
 
 cleanup:;
-       (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
+       (void)ldap_back_controls_free( op, rs, &ctrls );
 
        for ( i = 0; modv[ i ]; i++ ) {
                ch_free( modv[ i ]->mod_bvalues );
@@ -129,7 +129,7 @@ cleanup:;
        ch_free( modv );
 
        if ( lc != NULL ) {
-               ldap_back_release_conn( op, rs, lc );
+               ldap_back_release_conn( li, lc );
        }
 
        return rc;