Operation *op,
SlapReply *rs )
{
- ldapconn_t *lc;
+ ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private;
+
+ ldapconn_t *lc = NULL;
struct timeval tv;
- time_t stoptime = (time_t)-1;
+ time_t stoptime = (time_t)(-1);
LDAPMessage *res,
*e;
int rc = 0,
/* FIXME: shouldn't this be null? */
const char *save_matched = rs->sr_matched;
- lc = ldap_back_getconn( op, rs, LDAP_BACK_SENDERR );
- if ( !lc || !ldap_back_dobind( lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ if ( !ldap_back_dobind( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
return rs->sr_err;
}
}
ctrls = op->o_ctrls;
- rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
+ rc = ldap_back_proxy_authz_ctrl( &lc->lc_bound_ndn,
+ li->li_version, &li->li_idassert, op, rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
goto finish;
}
continue;
} else {
+ /* only touch when activity actually took place... */
+ if ( li->li_idle_timeout && lc ) {
+ lc->lc_time = op->o_time;
+ }
+
/* don't retry any more */
dont_retry = 1;
}
}
if ( match.bv_val != NULL ) {
- {
- match.bv_len = strlen( match.bv_val );
- }
+ match.bv_len = strlen( match.bv_val );
}
/* cleanup */
}
finish:;
- if ( rc != SLAPD_ABANDON ) {
+ if ( LDAP_BACK_QUARANTINE( li ) ) {
+ ldap_back_quarantine( op, rs );
+ }
+
+#if 0
+ /* let send_ldap_result play cleanup handlers (ITS#4645) */
+ if ( rc != SLAPD_ABANDON )
+#endif
+ {
send_ldap_result( op, rs );
}
slap_syntax_validate_func *validate;
slap_syntax_transform_func *pretty;
- attr = (Attribute *)ch_malloc( sizeof( Attribute ) );
+ attr = attr_alloc( NULL );
if ( attr == NULL ) {
continue;
}
- attr->a_flags = 0;
- attr->a_next = 0;
- attr->a_desc = NULL;
if ( slap_bv2ad( &a, &attr->a_desc, &text )
!= LDAP_SUCCESS )
{
"%s ldap_build_entry: "
"slap_bv2undef_ad(%s): %s\n",
op->o_log_prefix, a.bv_val, text );
- ch_free( attr );
+ attr_free( attr );
continue;
}
}
*/
( void )ber_scanf( &ber, "x" /* [W] */ );
- ch_free( attr );
+ attr_free( attr );
continue;
}
if ( rc != LDAP_SUCCESS ) {
BER_BVZERO( &attr->a_nvals[i] );
- ch_free( attr );
+ attr_free( attr );
goto next_attr;
}
}
ObjectClass *oc,
AttributeDescription *at,
int rw,
- Entry **ent
-)
+ Entry **ent )
{
- ldapconn_t *lc;
+ ldapinfo_t *li = (ldapinfo_t *) op->o_bd->be_private;
+
+ ldapconn_t *lc = NULL;
int rc = 1,
do_not_cache;
struct berval bdn;
/* Tell getconn this is a privileged op */
do_not_cache = op->o_do_not_cache;
op->o_do_not_cache = 1;
- lc = ldap_back_getconn( op, &rs, LDAP_BACK_DONTSEND );
- if ( !lc || !ldap_back_dobind( lc, op, &rs, LDAP_BACK_DONTSEND ) ) {
+ if ( !ldap_back_dobind( &lc, op, &rs, LDAP_BACK_DONTSEND ) ) {
op->o_do_not_cache = do_not_cache;
return rs.sr_err;
}
*ptr++ = '\0';
}
+retry:
ctrls = op->o_ctrls;
- rc = ldap_back_proxy_authz_ctrl( lc, op, &rs, &ctrls );
+ rc = ldap_back_proxy_authz_ctrl( &lc->lc_bound_ndn,
+ li->li_version, &li->li_idassert, op, &rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
goto cleanup;
}
-retry:
rc = ldap_search_ext_s( lc->lc_ld, ndn->bv_val, LDAP_SCOPE_BASE, filter,
attrp, 0, ctrls, NULL,
NULL, LDAP_NO_LIMIT, &result );
if ( rc == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
if ( ldap_back_retry( &lc, op, &rs, LDAP_BACK_DONTSEND ) ) {
+ /* if the identity changed, there might be need to re-authz */
+ (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
goto retry;
}
}
goto cleanup;
}
- *ent = ch_calloc( 1, sizeof( Entry ) );
+ *ent = entry_alloc();
if ( *ent == NULL ) {
rc = LDAP_NO_MEMORY;
goto cleanup;