Add BDB_INDEX error handling

[openldap] / servers / slapd / passwd.c

diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c
index f26b2d8814690d4892e1b9bbb052673165915df4..6e0b31b0e338bc53db8e096e3662010137f67a19 100644 (file)
--- a/servers/slapd/passwd.c
+++ b/servers/slapd/passwd.c
@@ -82,8 +82,14 @@ int slap_passwd_parse( struct berval *reqdata,
        ber = ber_init( reqdata );
 
        if( ber == NULL ) {
+#ifdef NEW_LOGGING
+               LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                          "slap_passwd_parse: ber_init failed\n" ));
+#else
                Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: ber_init failed\n",
                        0, 0, 0 );
+#endif
+
                *text = "password decoding error";
                return LDAP_PROTOCOL_ERROR;
        }
@@ -96,8 +102,14 @@ int slap_passwd_parse( struct berval *reqdata,
 
        if( tag == LDAP_TAG_EXOP_X_MODIFY_PASSWD_ID ) {
                if( id == NULL ) {
+#ifdef NEW_LOGGING
+                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                                  "slap_passwd_parse: ID not allowed.\n"));
+#else
                        Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: ID not allowed.\n",
                                0, 0, 0 );
+#endif
+
                        *text = "user must change own password";
                        rc = LDAP_UNWILLING_TO_PERFORM;
                        goto done;
@@ -106,8 +118,14 @@ int slap_passwd_parse( struct berval *reqdata,
                tag = ber_scanf( ber, "O", id );
 
                if( tag == LBER_ERROR ) {
+#ifdef NEW_LOGGING
+                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                                  "slap_passwd_parse:  ID parse failed.\n"));
+#else
                        Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: ID parse failed.\n",
                                0, 0, 0 );
+#endif
+
                        goto decoding_error;
                }
 
@@ -116,8 +134,14 @@ int slap_passwd_parse( struct berval *reqdata,
 
        if( tag == LDAP_TAG_EXOP_X_MODIFY_PASSWD_OLD ) {
                if( oldpass == NULL ) {
+#ifdef NEW_LOGGING
+                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                                  "slap_passwd_parse: OLD not allowed.\n" ));
+#else
                        Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: OLD not allowed.\n",
                                0, 0, 0 );
+#endif
+
                        *text = "use bind to verify old password";
                        rc = LDAP_UNWILLING_TO_PERFORM;
                        goto done;
@@ -126,8 +150,14 @@ int slap_passwd_parse( struct berval *reqdata,
                tag = ber_scanf( ber, "O", oldpass );
 
                if( tag == LBER_ERROR ) {
+#ifdef NEW_LOGGING
+                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                                  "slap_passwd_parse:  ID parse failed.\n" ));
+#else
                        Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: ID parse failed.\n",
                                0, 0, 0 );
+#endif
+
                        goto decoding_error;
                }
 
@@ -136,8 +166,14 @@ int slap_passwd_parse( struct berval *reqdata,
 
        if( tag == LDAP_TAG_EXOP_X_MODIFY_PASSWD_NEW ) {
                if( newpass == NULL ) {
+#ifdef NEW_LOGGING
+                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                                  "slap_passwd_parse:  NEW not allowed.\n" ));
+#else
                        Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: NEW not allowed.\n",
                                0, 0, 0 );
+#endif
+
                        *text = "user specified passwords disallowed";
                        rc = LDAP_UNWILLING_TO_PERFORM;
                        goto done;
@@ -146,8 +182,14 @@ int slap_passwd_parse( struct berval *reqdata,
                tag = ber_scanf( ber, "O", newpass );
 
                if( tag == LBER_ERROR ) {
+#ifdef NEW_LOGGING
+                       LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                                  "slap_passwd_parse:  OLD parse failed.\n"));
+#else
                        Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: OLD parse failed.\n",
                                0, 0, 0 );
+#endif
+
                        goto decoding_error;
                }
 
@@ -156,9 +198,15 @@ int slap_passwd_parse( struct berval *reqdata,
 
        if( len != 0 ) {
 decoding_error:
+#ifdef NEW_LOGGING
+               LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+                          "slap_passwd_parse: decoding error, len=%ld\n", (long)len ));
+#else
                Debug( LDAP_DEBUG_TRACE,
                        "slap_passwd_parse: decoding error, len=%ld\n",
                        (long) len, 0, 0 );
+#endif
+
 
                *text = "data decoding error";
                rc = LDAP_PROTOCOL_ERROR;
@@ -195,8 +243,14 @@ struct berval * slap_passwd_return(
 
        assert( cred != NULL );
 
+#ifdef NEW_LOGGING
+       LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
+                  "slap_passwd_return: %ld\n",(long)cred->bv_len ));
+#else
        Debug( LDAP_DEBUG_TRACE, "slap_passwd_return: %ld\n",
                (long) cred->bv_len, 0, 0 );
+#endif
+
 
        if( ber == NULL ) return NULL;
        
@@ -221,10 +275,10 @@ slap_passwd_check(
        Attribute *a,
        struct berval *cred )
 {
-       int     i;
+       int     i;
        int result = 1;
 
-#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
        ldap_pvt_thread_mutex_lock( &passwd_mutex );
 #ifdef SLAPD_SPASSWD
        lutil_passwd_sasl_conn = conn->c_sasl_context;
@@ -238,7 +292,10 @@ slap_passwd_check(
                }
        }
 
-#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
+#ifdef SLAPD_SPASSWD
+       lutil_passwd_sasl_conn = NULL;
+#endif
        ldap_pvt_thread_mutex_unlock( &passwd_mutex );
 #endif
 
@@ -247,7 +304,13 @@ slap_passwd_check(
 
 struct berval * slap_passwd_generate( void )
 {
+#ifdef NEW_LOGGING
+       LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
+                  "slap_passwd_generate: begin\n" ));
+#else
        Debug( LDAP_DEBUG_TRACE, "slap_passwd_generate\n", 0, 0, 0 );
+#endif
+
 
        /*
         * generate passwords of only 8 characters as some getpass(3)
@@ -259,17 +322,22 @@ struct berval * slap_passwd_generate( void )
 struct berval * slap_passwd_hash(
        struct berval * cred )
 {
-       char* hash = default_passwd_hash ? default_passwd_hash : "{SSHA}";
+#ifdef LUTIL_SHA1_BYTES
+       char* hash = default_passwd_hash ?  default_passwd_hash : "{SSHA}";
+#else
+       char* hash = default_passwd_hash ?  default_passwd_hash : "{SMD5}";
+#endif
+       
 
        struct berval *new;
 
-#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
        ldap_pvt_thread_mutex_lock( &passwd_mutex );
 #endif
 
        new = lutil_passwd_hash( cred , hash );
        
-#if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD )
+#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
        ldap_pvt_thread_mutex_unlock( &passwd_mutex );
 #endif