/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2006 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
rs->sr_err = slap_bv2ad( &desc, &ava.aa_desc, &rs->sr_text );
if( rs->sr_err != LDAP_SUCCESS ) {
- send_ldap_result( op, rs );
- goto cleanup;
+ rs->sr_err = slap_bv2undef_ad( &desc, &ava.aa_desc,
+ &rs->sr_text,
+ SLAP_AD_PROXIED|SLAP_AD_NOINSERT );
+ if( rs->sr_err != LDAP_SUCCESS ) {
+ send_ldap_result( op, rs );
+ goto cleanup;
+ }
}
rs->sr_err = asserted_value_validate_normalize( ava.aa_desc,
cleanup:;
op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
- if ( ava.aa_value.bv_val ) {
+ if ( !BER_BVISNULL( &ava.aa_value ) ) {
op->o_tmpfree( ava.aa_value.bv_val, op->o_tmpmemctx );
}
int
fe_op_compare( Operation *op, SlapReply *rs )
{
- Entry *entry = NULL;
- int manageDSAit;
- AttributeAssertion ava = *op->orc_ava;
+ Entry *entry = NULL;
+ int manageDSAit;
+ AttributeAssertion ava = *op->orc_ava;
+ BackendDB *bd = op->o_bd;
if( strcasecmp( op->o_req_ndn.bv_val, LDAP_ROOT_DSE ) == 0 ) {
Debug( LDAP_DEBUG_ARGS,
rs->sr_err = LDAP_REFERRAL;
if (!rs->sr_ref) rs->sr_ref = default_referral;
- op->o_bd = frontendDB;
+ op->o_bd = bd;
send_ldap_result( op, rs );
- op->o_bd = NULL;
if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref );
rs->sr_err = 0;
ava.aa_desc->ad_cname.bv_val, 0, 0 );
op->orc_ava = &ava;
- if ( ava.aa_desc == slap_schema.si_ad_entryDN ) {
+
+ if ( SLAP_SHADOW(op->o_bd) && get_dontUseCopy(op) ) {
+ /* don't use shadow copy */
+ send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
+ "copy not used" );
+
+ } else if ( ava.aa_desc == slap_schema.si_ad_entryDN ) {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
"entryDN compare not supported" );
}
} else {
-#ifdef SLAP_ACL_HONOR_DISCLOSE
/* return error only if "disclose"
* is granted on the object */
if ( backend_access( op, NULL, &op->o_req_ndn,
{
rs->sr_err = LDAP_NO_SUCH_OBJECT;
}
-#endif /* SLAP_ACL_HONOR_DISCLOSE */
}
send_ldap_result( op, rs );
ava.aa_desc, &vals, ACL_COMPARE );
switch ( rs->sr_err ) {
default:
-#ifdef SLAP_ACL_HONOR_DISCLOSE
/* return error only if "disclose"
* is granted on the object */
if ( backend_access( op, NULL, &op->o_req_ndn,
{
rs->sr_err = LDAP_NO_SUCH_OBJECT;
}
-#endif /* SLAP_ACL_HONOR_DISCLOSE */
break;
case LDAP_SUCCESS:
}
cleanup:;
+ op->o_bd = bd;
return rs->sr_err;
}
}
done:
-#ifdef LDAP_ACL_HONOR_DISCLOSE
if( rc != LDAP_COMPARE_TRUE && rc != LDAP_COMPARE_FALSE ) {
if ( ! access_allowed( op, e,
slap_schema.si_ad_entry, NULL, ACL_DISCLOSE, NULL ) )
rc = LDAP_NO_SUCH_OBJECT;
}
}
-#endif
return rc;
}