ITS#3607 add automatic BDB recovery

[openldap] / servers / slapd / compare.c

diff --git a/servers/slapd/compare.c b/servers/slapd/compare.c
index 9c41d57d411f96c30c813d1946e1be621c464dd7..38e9448d040883f49bea220b9cf5f2290f500c3f 100644 (file)
--- a/servers/slapd/compare.c
+++ b/servers/slapd/compare.c
@@ -47,7 +47,7 @@ do_compare(
        struct berval dn = BER_BVNULL;
        struct berval desc = BER_BVNULL;
        struct berval value = BER_BVNULL;
-       AttributeAssertion ava = { NULL, BER_BVNULL };
+       AttributeAssertion ava = { NULL, BER_BVNULL, NULL };
 
        ava.aa_desc = NULL;
 
@@ -326,10 +326,14 @@ fe_op_compare( Operation *op, SlapReply *rs )
                }
 
        } else if ( op->o_bd->be_compare ) {
-               op->o_bd->be_compare( op, rs );
+               rs->sr_err = op->o_bd->be_compare( op, rs );
 
 #endif /* ! SLAP_COMPARE_IN_FRONTEND */
        } else {
+               rs->sr_err = SLAP_CB_CONTINUE;
+       }
+
+       if ( rs->sr_err == SLAP_CB_CONTINUE ) {
                /* do our best to compare that AVA
                 * 
                 * NOTE: this code is used only
@@ -405,19 +409,22 @@ static int compare_entry(
        Entry *e,
        AttributeAssertion *ava )
 {
-       int rc;
+       int rc = LDAP_COMPARE_FALSE;
        Attribute *a;
 
        if ( ! access_allowed( op, e,
                ava->aa_desc, &ava->aa_value, ACL_COMPARE, NULL ) )
        {       
-               return LDAP_INSUFFICIENT_ACCESS;
+               rc = LDAP_INSUFFICIENT_ACCESS;
+               goto done;
        }
 
        a = attrs_find( e->e_attrs, ava->aa_desc );
-       if( a == NULL ) return LDAP_NO_SUCH_ATTRIBUTE;
+       if( a == NULL ) {
+               rc = LDAP_NO_SUCH_ATTRIBUTE;
+               goto done;
+       }
 
-       rc = LDAP_COMPARE_FALSE;
        for(a = attrs_find( e->e_attrs, ava->aa_desc );
                a != NULL;
                a = attrs_find( a->a_next, ava->aa_desc ))
@@ -432,13 +439,23 @@ static int compare_entry(
                if ( value_find_ex( ava->aa_desc,
                        SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
                                SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
-                       a->a_nvals,
-                       &ava->aa_value, op->o_tmpmemctx ) == 0 )
+                       a->a_nvals, &ava->aa_value, op->o_tmpmemctx ) == 0 )
                {
                        rc = LDAP_COMPARE_TRUE;
                        break;
                }
        }
 
+done:
+#ifdef LDAP_ACL_HONOR_DISCLOSE
+       if( rc != LDAP_COMPARE_TRUE && rc != LDAP_COMPARE_FALSE ) {
+               if ( ! access_allowed( op, e,
+                       slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) )
+               {
+                       rc = LDAP_NO_SUCH_OBJECT;
+               }
+       }
+#endif
+
        return rc;
 }