Use recursive mutex to avoid deadlocks

[openldap] / servers / slapd / controls.c

diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index 049096c29b58eff30e9251eb792c1b14c46ac2c5..26e2461515939dc580e2309ae1f4929c81475776 100644 (file)
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -96,7 +96,7 @@ static int num_known_controls = 1;
 
 static char *proxy_authz_extops[] = {
        LDAP_EXOP_MODIFY_PASSWD,
-       LDAP_EXOP_X_WHO_AM_I,
+       LDAP_EXOP_WHO_AM_I,
        LDAP_EXOP_REFRESH,
        NULL
 };
@@ -183,6 +183,13 @@ static struct slap_control control_defs[] = {
                SLAP_CTRL_GLOBAL|SLAP_CTRL_UPDATE|SLAP_CTRL_HIDE,
                NULL, NULL,
                parseManageDIT, LDAP_SLIST_ENTRY_INITIALIZER(next) },
+#endif
+#ifdef LDAP_X_TXN
+       { LDAP_CONTROL_X_TXN_SPEC,
+               (int)offsetof(struct slap_control_ids, sc_txnSpec),
+               SLAP_CTRL_UPDATE|SLAP_CTRL_HIDE,
+               NULL, NULL,
+               txn_spec_ctrl, LDAP_SLIST_ENTRY_INITIALIZER(next) },
 #endif
        { LDAP_CONTROL_MANAGEDSAIT,
                (int)offsetof(struct slap_control_ids, sc_manageDSAit),
@@ -413,7 +420,7 @@ get_supported_controls(char ***ctrloidsp,
        }
        masks = (slap_mask_t *)SLAP_MALLOC( (n + 1) * sizeof(slap_mask_t) );
        if  ( masks == NULL ) {
-               ch_free( oids );
+               SLAP_FREE( oids );
                return LDAP_NO_MEMORY;
        }
 
@@ -485,9 +492,11 @@ slap_global_control( Operation *op, const char *oid, int *cid )
                return LDAP_COMPARE_TRUE;
        }
 
+#if 0
        Debug( LDAP_DEBUG_TRACE,
                "slap_global_control: unavailable control: %s\n",      
                oid, 0, 0 );
+#endif
 
        return LDAP_COMPARE_FALSE;
 }
@@ -921,8 +930,8 @@ static int parseProxyAuthz (
        if ( !( global_allows & SLAP_ALLOW_PROXY_AUTHZ_ANON )
                && BER_BVISEMPTY( &op->o_ndn ) )
        {
-               rs->sr_text = "anonymous proxyAuthz not allowed";
-               return LDAP_PROXY_AUTHZ_FAILURE;
+               rs->sr_text = "anonymous proxied authorization not allowed";
+               return LDAP_PROXIED_AUTHORIZATION_DENIED;
        }
 
        op->o_proxy_authz = ctrl->ldctl_iscritical
@@ -963,7 +972,7 @@ static int parseProxyAuthz (
                        ch_free( dn.bv_val );
                }
                rs->sr_text = "authzId mapping failed";
-               return LDAP_PROXY_AUTHZ_FAILURE;
+               return LDAP_PROXIED_AUTHORIZATION_DENIED;
        }
 
        Debug( LDAP_DEBUG_TRACE,
@@ -976,7 +985,7 @@ static int parseProxyAuthz (
        if ( rc ) {
                ch_free( dn.bv_val );
                rs->sr_text = "not authorized to assume identity";
-               return LDAP_PROXY_AUTHZ_FAILURE;
+               return LDAP_PROXIED_AUTHORIZATION_DENIED;
        }
 
        ch_free( op->o_ndn.bv_val );
@@ -1201,6 +1210,13 @@ static int parsePreRead (
                return LDAP_PROTOCOL_ERROR;
        }
 
+#ifdef LDAP_X_TXN
+       if ( op->o_txnSpec ) { /* temporary limitation */
+               rs->sr_text = "cannot perform pre-read in transaction";
+               return LDAP_UNWILLING_TO_PERFORM;
+       }
+#endif
+
        ber = ber_init( &(ctrl->ldctl_value) );
        if (ber == NULL) {
                rs->sr_text = "preread control: internal error";
@@ -1259,6 +1275,13 @@ static int parsePostRead (
                return LDAP_PROTOCOL_ERROR;
        }
 
+#ifdef LDAP_X_TXN
+       if ( op->o_txnSpec ) { /* temporary limitation */
+               rs->sr_text = "cannot perform post-read in transaction";
+               return LDAP_UNWILLING_TO_PERFORM;
+       }
+#endif
+
        ber = ber_init( &(ctrl->ldctl_value) );
        if (ber == NULL) {
                rs->sr_text = "postread control: internal error";