Change slap_sasl_authorized to take an Operation instead of a Connection,

[openldap] / servers / slapd / back-shell / compare.c

diff --git a/servers/slapd/back-shell/compare.c b/servers/slapd/back-shell/compare.c
index c7c85f8d68b16df19bcff462cbb5f9fa147ea7c8..09ffb4d4aa937c0b3c17ba518158d47c74873c2d 100644 (file)
--- a/servers/slapd/back-shell/compare.c
+++ b/servers/slapd/back-shell/compare.c
@@ -1,7 +1,7 @@
 /* compare.c - shell backend compare function */
 /* $OpenLDAP$ */
 /*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
@@ -17,27 +17,40 @@
 
 int
 shell_back_compare(
-    Backend    *be,
-    Connection *conn,
     Operation  *op,
-    const char *dn,
-    const char *ndn,
-    AttributeAssertion *ava
-)
+    SlapReply  *rs )
 {
-       struct shellinfo        *si = (struct shellinfo *) be->be_private;
+       struct shellinfo        *si = (struct shellinfo *) op->o_bd->be_private;
+       AttributeDescription *entry = slap_schema.si_ad_entry;
+       Entry e;
        FILE                    *rfp, *wfp;
 
        if ( si->si_compare == NULL ) {
-               send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
-                   "compare not implemented", NULL, NULL );
+               send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+                   "compare not implemented" );
                return( -1 );
        }
 
+       e.e_id = NOID;
+       e.e_name = op->o_req_dn;
+       e.e_nname = op->o_req_ndn;
+       e.e_attrs = NULL;
+       e.e_ocflags = 0;
+       e.e_bv.bv_len = 0;
+       e.e_bv.bv_val = NULL;
+       e.e_private = NULL;
+
+       if ( ! access_allowed( op, &e,
+               entry, NULL, ACL_READ, NULL ) )
+       {
+               send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
+               return -1;
+       }
+
        if ( (op->o_private = (void *) forkandexec( si->si_compare, &rfp, &wfp ))
            == (void *) -1 ) {
-               send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
-                   "could not fork/exec", NULL, NULL );
+               send_ldap_error( op, rs, LDAP_OTHER,
+                   "could not fork/exec" );
                return( -1 );
        }
 
@@ -49,15 +62,15 @@ shell_back_compare(
        /* write out the request to the compare process */
        fprintf( wfp, "COMPARE\n" );
        fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
-       print_suffixes( wfp, be );
-       fprintf( wfp, "dn: %s\n", dn );
+       print_suffixes( wfp, op->o_bd );
+       fprintf( wfp, "dn: %s\n", op->o_req_dn.bv_val );
        fprintf( wfp, "%s: %s\n",
-               ava->aa_desc->ad_cname->bv_val,
-               ava->aa_value->bv_val /* could be binary! */ );
+               op->oq_compare.rs_ava->aa_desc->ad_cname.bv_val,
+               op->oq_compare.rs_ava->aa_value.bv_val /* could be binary! */ );
        fclose( wfp );
 
        /* read in the result and send it along */
-       read_and_send_results( be, conn, op, rfp, NULL, 0 );
+       read_and_send_results( op, rs, rfp );
 
        fclose( rfp );
        return( 0 );