Add a little SASL framework and remove old X-DIGEST-MD5 hardcode.

[openldap] / servers / slapd / compare.c

diff --git a/servers/slapd/compare.c b/servers/slapd/compare.c
index 56d3c65ab5621375e7d44dc12c1771580272bed1..61380982ffbe29ce0578333f933779b9b280e212 100644 (file)
--- a/servers/slapd/compare.c
+++ b/servers/slapd/compare.c
@@ -18,7 +18,7 @@
 
 #include "slap.h"
 
-void
+int
 do_compare(
     Connection *conn,
     Operation  *op
@@ -26,11 +26,19 @@ do_compare(
 {
        char    *ndn;
        Ava     ava;
-       int     rc;
        Backend *be;
+       int rc = LDAP_SUCCESS;
 
        Debug( LDAP_DEBUG_TRACE, "do_compare\n", 0, 0, 0 );
 
+       if( op->o_bind_in_progress ) {
+               Debug( LDAP_DEBUG_ANY, "do_compare: SASL bind in progress.\n",
+                       0, 0, 0 );
+               send_ldap_result( conn, op, LDAP_SASL_BIND_IN_PROGRESS,
+                       NULL, "SASL bind in progress", NULL, NULL );
+               return LDAP_SASL_BIND_IN_PROGRESS;
+       }
+
        /*
         * Parse the compare request.  It looks like this:
         *
@@ -46,18 +54,34 @@ do_compare(
        if ( ber_scanf( op->o_ber, "{a{ao}}", &ndn, &ava.ava_type,
            &ava.ava_value ) == LBER_ERROR ) {
                Debug( LDAP_DEBUG_ANY, "ber_scanf failed\n", 0, 0, 0 );
-               send_ldap_result( conn, op, LDAP_PROTOCOL_ERROR, NULL, "" );
-               return;
+               send_ldap_disconnect( conn, op,
+                       LDAP_PROTOCOL_ERROR, "decoding error" );
+               return -1;
+       }
+
+       if( dn_normalize_case( ndn ) == NULL ) {
+               Debug( LDAP_DEBUG_ANY, "do_compare: invalid dn (%s)\n", ndn, 0, 0 );
+               send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+                   "invalid DN", NULL, NULL );
+               free( ndn );
+               ava_free( &ava, 0 );
+               return rc;
        }
+
+       if( ( rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+               free( ndn );
+               ava_free( &ava, 0 );
+               Debug( LDAP_DEBUG_ANY, "do_compare: get_ctrls failed\n", 0, 0, 0 );
+               return rc;
+       } 
+
        value_normalize( ava.ava_value.bv_val, attr_syntax( ava.ava_type ) );
 
        Debug( LDAP_DEBUG_ARGS, "do_compare: dn (%s) attr (%s) value (%s)\n",
            ndn, ava.ava_type, ava.ava_value.bv_val );
 
-       ndn = dn_normalize( ndn );
-
        Statslog( LDAP_DEBUG_STATS, "conn=%d op=%d CMP dn=\"%s\" attr=\"%s\"\n",
-           conn->c_connid, op->o_opid, ndn, ava.ava_type, 0 );
+           op->o_connid, op->o_opid, ndn, ava.ava_type, 0 );
 
        /*
         * We could be serving multiple database backends.  Select the
@@ -68,22 +92,23 @@ do_compare(
                free( ndn );
                ava_free( &ava, 0 );
 
-               send_ldap_result( conn, op, LDAP_PARTIAL_RESULTS, NULL,
-                   default_referral );
-               return;
+               send_ldap_result( conn, op, rc = LDAP_REFERRAL,
+                       NULL, NULL, default_referral, NULL );
+               return 1;
        }
 
-       /* alias suffix if approp */
-       ndn = suffixAlias( ndn, op, be );
-       dn_normalize_case( ndn );
+       /* deref suffix alias if appropriate */
+       ndn = suffix_alias( be, ndn );
 
-       if ( be->be_compare != NULL ) {
+       if ( be->be_compare ) {
                (*be->be_compare)( be, conn, op, ndn, &ava );
        } else {
-               send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
-                   "Function not implemented" );
+               send_ldap_result( conn, op, rc = LDAP_UNWILLING_TO_PERFORM,
+                       NULL, "Function not implemented", NULL, NULL );
        }
 
        free( ndn );
        ava_free( &ava, 0 );
+
+       return rc;
 }