/* compare.c - ldbm backend compare routine */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
#include "portable.h"
Backend *be,
Connection *conn,
Operation *op,
- char *dn,
- Ava *ava
+ struct berval *dn,
+ struct berval *ndn,
+ AttributeAssertion *ava
)
{
struct ldbminfo *li = (struct ldbminfo *) be->be_private;
- char *matched;
+ Entry *matched;
Entry *e;
Attribute *a;
int rc;
+ int manageDSAit = get_manageDSAit( op );
/* get entry with reader lock */
- if ( (e = dn2entry_r( be, dn, &matched )) == NULL ) {
- send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched, "" );
+ if ( (e = dn2entry_r( be, ndn, &matched )) == NULL ) {
+ char *matched_dn = NULL;
+ BerVarray refs = NULL;
+
+ if ( matched != NULL ) {
+ matched_dn = ch_strdup( matched->e_dn );
+ refs = is_entry_referral( matched )
+ ? get_entry_referrals( be, conn, op, matched )
+ : NULL;
+ cache_return_entry_r( &li->li_cache, matched );
+ } else {
+ refs = referral_rewrite( default_referral,
+ NULL, dn, LDAP_SCOPE_DEFAULT );
+ }
+
+ send_ldap_result( conn, op, LDAP_REFERRAL,
+ matched_dn, NULL, refs, NULL );
+
+ if ( refs ) ber_bvarray_free( refs );
+ free( matched_dn );
+
return( 1 );
}
- /* check for deleted */
- if ( ! access_allowed( be, conn, op, e, ava->ava_type, &ava->ava_value,
- op->o_dn, ACL_COMPARE ) ) {
- send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, "", "" );
+ if (!manageDSAit && is_entry_referral( e ) ) {
+ /* entry is a referral, don't allow add */
+ BerVarray refs = get_entry_referrals( be,
+ conn, op, e );
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "backend", LDAP_LEVEL_INFO,
+ "ldbm_back_compare: entry (%s) is a referral.\n", e->e_dn ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
+ 0, 0 );
+#endif
+
+
+ send_ldap_result( conn, op, LDAP_REFERRAL,
+ e->e_dn, NULL, refs, NULL );
+
+ if (refs ) ber_bvarray_free( refs );
+
rc = 1;
goto return_results;
}
- if ( (a = attr_find( e->e_attrs, ava->ava_type )) == NULL ) {
- send_ldap_result( conn, op, LDAP_NO_SUCH_ATTRIBUTE, "", "" );
+ if ( ! access_allowed( be, conn, op, e,
+ ava->aa_desc, &ava->aa_value, ACL_COMPARE ) )
+ {
+ send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
+ NULL, NULL, NULL, NULL );
rc = 1;
goto return_results;
}
- if ( value_find( a->a_vals, &ava->ava_value, a->a_syntax, 1 ) == 0 )
- send_ldap_result( conn, op, LDAP_COMPARE_TRUE, "", "" );
- else
- send_ldap_result( conn, op, LDAP_COMPARE_FALSE, "", "" );
+ rc = LDAP_NO_SUCH_ATTRIBUTE;
+
+ for(a = attrs_find( e->e_attrs, ava->aa_desc );
+ a != NULL;
+ a = attrs_find( a->a_next, ava->aa_desc ))
+ {
+ rc = LDAP_COMPARE_FALSE;
+
+ if ( value_find( ava->aa_desc, a->a_vals, &ava->aa_value ) == 0 ) {
+ rc = LDAP_COMPARE_TRUE;
+ break;
+ }
+
+ }
+
+ send_ldap_result( conn, op, rc,
+ NULL, NULL, NULL, NULL );
+
+ if( rc != LDAP_NO_SUCH_ATTRIBUTE ) {
+ rc = 0;
+ }
- rc = 0;
return_results:;
cache_return_entry_r( &li->li_cache, e );