/* op.c - relay backend operations */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2004 The OpenLDAP Foundation.
+ * Copyright 2004-2006 The OpenLDAP Foundation.
* Portions Copyright 2004 Pierangelo Masarati.
* All rights reserved.
*
static void
relay_back_add_cb( slap_callback *cb, struct slap_op *op )
{
- cb->sc_next = op->o_callback;
- cb->sc_response = relay_back_swap_bd;
- cb->sc_cleanup = relay_back_swap_bd;
- cb->sc_private = op->o_bd;
- op->o_callback = cb;
+ cb->sc_next = op->o_callback;
+ cb->sc_response = relay_back_swap_bd;
+ cb->sc_cleanup = relay_back_swap_bd;
+ cb->sc_private = op->o_bd;
+ op->o_callback = cb;
}
+/*
+ * selects the backend if not enforced at config;
+ * in case of failure, behaves based on err:
+ * -1 don't send result
+ * LDAP_SUCCESS don't send result; may send referral
+ * any valid error send as error result
+ */
static BackendDB *
relay_back_select_backend( struct slap_op *op, struct slap_rep *rs, int err )
{
if ( bd == NULL ) {
bd = select_backend( &op->o_req_ndn, 0, 1 );
if ( bd == op->o_bd ) {
- if ( err != LDAP_SUCCESS ) {
+ if ( err > LDAP_SUCCESS ) {
send_ldap_error( op, rs,
LDAP_UNWILLING_TO_PERFORM,
- "would call self" );
+ "back-relay would call self" );
}
return NULL;
}
}
- if ( bd == NULL ) {
- if ( SLAPD_GLOBAL(default_referral) ) {
- rs->sr_ref = referral_rewrite( SLAPD_GLOBAL(default_referral),
+ if ( bd == NULL && err > -1 ) {
+ if ( default_referral ) {
+ rs->sr_ref = referral_rewrite( default_referral,
NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
if ( !rs->sr_ref ) {
- rs->sr_ref = SLAPD_GLOBAL(default_referral);
+ rs->sr_ref = default_referral;
}
rs->sr_err = LDAP_REFERRAL;
send_ldap_result( op, rs );
- if ( rs->sr_ref != SLAPD_GLOBAL(default_referral) ) {
+ if ( rs->sr_ref != default_referral ) {
ber_bvarray_free( rs->sr_ref );
}
} else {
/* NOTE: err is LDAP_INVALID_CREDENTIALS for bind,
* LDAP_NO_SUCH_OBJECT for other operations.
- * noSuchObject is not allowed to be returned by bind */
+ * noSuchObject cannot be returned by bind */
rs->sr_err = err;
send_ldap_result( op, rs );
}
BackendDB *bd;
int rc = 1;
- bd = relay_back_select_backend( op, rs, LDAP_NO_SUCH_OBJECT );
+ bd = relay_back_select_backend( op, rs, -1 );
if ( bd == NULL ) {
return 1;
}
if ( op->o_callback == &cb ) {
op->o_callback = op->o_callback->sc_next;
}
-
- } else {
- send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
- "operation not supported "
- "within naming context" );
}
return rc;
}
+/*
+ * NOTE: even the existence of this function is questionable: we cannot
+ * pass the bi_chk_referrals() call thru the rwm overlay because there
+ * is no way to rewrite the req_dn back; but then relay_back_chk_referrals()
+ * is passing the target database a DN that likely does not belong to its
+ * naming context... mmmh.
+ */
int
relay_back_chk_referrals( struct slap_op *op, struct slap_rep *rs )
{
int rc = 0;
bd = relay_back_select_backend( op, rs, LDAP_SUCCESS );
+ /* FIXME: this test only works if there are no overlays, so
+ * it is nearly useless; if made stricter, no nested back-relays
+ * can be instantiated... too bad. */
if ( bd == NULL || bd == op->o_bd ) {
return 0;
}
+ /* no nested back-relays... */
+ if ( overlay_is_over( bd ) ) {
+ slap_overinfo *oi = (slap_overinfo *)bd->bd_info->bi_private;
+
+ if ( oi->oi_orig == op->o_bd->bd_info ) {
+ return 0;
+ }
+ }
+
if ( bd->be_chk_referrals ) {
BackendDB *be = op->o_bd;
slap_callback cb;