Skip spurious Statslog's for callback-intercepted responses.

[openldap] / servers / slapd / controls.c

diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index eed5c8bd796756d9cc3f13bee81a0aec7fa02532..1900312250e856026279a1b2e7cc95c3ee3255e9 100644 (file)
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2003 The OpenLDAP Foundation.
+ * Copyright 1998-2004 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -113,9 +113,11 @@ static struct slap_control control_defs[] = {
        { LDAP_CONTROL_SYNC,
                SLAP_CTRL_HIDE|SLAP_CTRL_SEARCH, NULL,
                parseLDAPsync, LDAP_SLIST_ENTRY_INITIALIZER(next) },
+#ifdef LDAP_CONTROL_MODIFY_INCREMENT
        { LDAP_CONTROL_MODIFY_INCREMENT,
                SLAP_CTRL_HIDE|SLAP_CTRL_MODIFY, NULL,
                parseModifyIncrement, LDAP_SLIST_ENTRY_INITIALIZER(next) },
+#endif
        { LDAP_CONTROL_MANAGEDSAIT,
                SLAP_CTRL_ACCESS, NULL,
                parseManageDSAit, LDAP_SLIST_ENTRY_INITIALIZER(next) },
@@ -748,46 +750,17 @@ static int parseProxyAuthz (
                return LDAP_SUCCESS;
        }
 
-       /* FIXME: how can we get the realm? */
-       {
-               int     rc;
-               char            buf[ SLAP_LDAPDN_MAXLEN ];
-               struct berval   id,
-                               user = { 0, NULL },
-                               realm = { 0, NULL },
-                               mech = { 0, NULL };
-
-               if ( sizeof( buf ) <= ctrl->ldctl_value.bv_len ) {
-                       return LDAP_INVALID_SYNTAX;
-               }
-
-               id.bv_len = ctrl->ldctl_value.bv_len;
-               id.bv_val = buf;
-               strncpy( buf, ctrl->ldctl_value.bv_val, sizeof( buf ) );
-
-               rc = slap_parse_user( &id, &user, &realm, &mech );
-               if ( rc == LDAP_SUCCESS ) {
-                       struct berval authz = BER_BVC( "AUTHZ" );
+       rc = slap_sasl_getdn( op->o_conn, op,
+                       ctrl->ldctl_value.bv_val, ctrl->ldctl_value.bv_len,
+                       NULL, &dn, SLAP_GETDN_AUTHZID );
 
-                       if ( mech.bv_len && !bvmatch( &mech, &authz) ) {
-                               rs->sr_text = "mech not allowed in authzId";
-                               return LDAP_PROXY_AUTHZ_FAILURE;
-                       }
-               } else {
-                       user = ctrl->ldctl_value;
+       if( rc != LDAP_SUCCESS || !dn.bv_len ) {
+               if ( dn.bv_val ) {
+                       ch_free( dn.bv_val );
                }
+               rs->sr_text = "authzId mapping failed";
+               return LDAP_PROXY_AUTHZ_FAILURE;
 
-               rc = slap_sasl_getdn( op->o_conn, op,
-                               user.bv_val, user.bv_len,
-                               realm.bv_val, &dn, SLAP_GETDN_AUTHZID );
-
-               if( rc != LDAP_SUCCESS || !dn.bv_len ) {
-                       if ( dn.bv_val ) {
-                               ch_free( dn.bv_val );
-                       }
-                       rs->sr_text = "authzId mapping failed";
-                       return LDAP_PROXY_AUTHZ_FAILURE;
-               }
        }
 
 #ifdef NEW_LOGGING