#ifdef LDAP_SLAPI
struct berval bdn, ndn;
struct berval bsuffix, nsuffix;
+ int rc;
assert( dn != NULL );
assert( suffix != NULL );
bsuffix.bv_val = suffix;
bsuffix.bv_len = strlen( suffix );
- dnNormalize2( NULL, &bdn, &ndn );
- dnNormalize2( NULL, &bsuffix, &nsuffix );
+ if ( dnNormalize2( NULL, &bdn, &ndn ) != LDAP_SUCCESS ) {
+ return 0;
+ }
+
+ if ( dnNormalize2( NULL, &bsuffix, &nsuffix ) != LDAP_SUCCESS ) {
+ slapi_ch_free( (void **)&ndn.bv_val );
+ return 0;
+ }
+
+ rc = dnIsSuffix( &ndn, &nsuffix );
+
+ slapi_ch_free( (void **)&ndn.bv_val );
+ slapi_ch_free( (void **)&nsuffix.bv_val );
- return dnIsSuffix( &ndn, &nsuffix );
+ return rc;
#else /* LDAP_SLAPI */
return 0;
#endif /* LDAP_SLAPI */
static int
parseSlapiControl(
- Connection *conn,
Operation *op,
- LDAPControl *ctrl,
- const char **text)
+ SlapReply *rs,
+ LDAPControl *ctrl )
{
/* Plugins must deal with controls themselves. */
struct berval **urls )
{
#ifdef LDAP_SLAPI
- Connection *conn;
Operation *op;
struct berval *s;
char *extOID = NULL;
struct berval *extValue = NULL;
int rc;
+ SlapReply rs = { REP_RESULT };
- slapi_pblock_get( pb, SLAPI_CONNECTION, &conn );
slapi_pblock_get( pb, SLAPI_OPERATION, &op );
+
+ rs.sr_err = err;
+ rs.sr_matched = matched;
+ rs.sr_text = text;
+ rs.sr_ref = NULL;
+ rs.sr_ctrls = NULL;
+
+ slapi_pblock_get( pb, SLAPI_RESCONTROLS, &rs.sr_ctrls );
+
if ( err == LDAP_SASL_BIND_IN_PROGRESS ) {
- slapi_pblock_get( pb, SLAPI_BIND_RET_SASLCREDS, &s );
- rc = LDAP_SASL_BIND_IN_PROGRESS;
- send_ldap_sasl( conn, op, rc, NULL, NULL, NULL, NULL, s );
+ slapi_pblock_get( pb, SLAPI_BIND_RET_SASLCREDS, (void *) &rs.sr_sasldata );
+ send_ldap_sasl( op, &rs );
return;
}
slapi_pblock_get( pb, SLAPI_EXT_OP_RET_OID, &extOID );
if ( extOID != NULL ) {
- slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE, &extValue );
- slapi_send_ldap_extended_response( conn, op, err, extOID,
- extValue );
+ rs.sr_rspoid = extOID;
+ slapi_pblock_get( pb, SLAPI_EXT_OP_RET_VALUE, &rs.sr_rspdata );
+ send_ldap_extended( op, &rs );
return;
}
- send_ldap_result( conn, op, err, matched, text, NULL, NULL );
+ if (op->o_tag == LDAP_REQ_SEARCH)
+ rs.sr_nentries = nentries;
+
+ send_ldap_result( op, &rs );
#endif /* LDAP_SLAPI */
}
int attrsonly )
{
#ifdef LDAP_SLAPI
- Backend *be;
- Connection *pConn;
Operation *pOp;
- int rc;
-
+ SlapReply rs = { REP_RESULT };
int i;
AttributeName *an = NULL;
const char *text;
an[i].an_name.bv_val = NULL;
}
- if ( ( rc = slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) ||
- ( rc = slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&pConn) != 0 ) ||
- ( rc = slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&pOp) != 0 ) ) {
- rc = LDAP_OTHER;
- } else {
- rc = send_search_entry( be, pConn, pOp, e, an, attrsonly, NULL );
- }
+ rs.sr_err = LDAP_SUCCESS;
+ rs.sr_matched = NULL;
+ rs.sr_text = NULL;
+ rs.sr_ref = NULL;
+ rs.sr_ctrls = ectrls;
+ rs.sr_attrs = an;
+ rs.sr_entry = e;
+ rs.sr_v2ref = NULL;
- return rc;
+ if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&pOp ) != 0 ) {
+ return LDAP_OTHER;
+ }
+ return send_search_entry( pOp, &rs );
#else /* LDAP_SLAPI */
return -1;
#endif /* LDAP_SLAPI */
* According to acl.c it is safe to call test_filter() with
* NULL arguments...
*/
- rc = test_filter( be, conn, op, e, f );
+ rc = test_filter( op, e, f );
switch (rc) {
case LDAP_COMPARE_TRUE:
rc = 0;
struct berval *response )
{
#ifdef LDAP_SLAPI
- send_ldap_extended( conn,op, errornum, NULL, NULL, NULL,
- respName,response, NULL );
+ SlapReply rs;
+
+ rs.sr_err = errornum;
+ rs.sr_matched = NULL;
+ rs.sr_text = NULL;
+ rs.sr_ref = NULL;
+ rs.sr_ctrls = NULL;
+ rs.sr_rspoid = respName;
+ rs.sr_rspdata = response;
+
+ send_ldap_extended( op, &rs );
+
return LDAP_SUCCESS;
#else /* LDAP_SLAPI */
return -1;
#endif /* LDAP_SLAPI */
}
+#ifdef LDAP_SLAPI
/*
* Internal API to prime a Slapi_PBlock with a Backend.
*/
-int slapi_x_backend_set_pb( Slapi_PBlock *pb, Backend *be )
+static int initBackendPB( Slapi_PBlock *pb, Backend *be )
{
-#ifdef LDAP_SLAPI
int rc;
rc = slapi_pblock_set( pb, SLAPI_BACKEND, (void *)be );
}
return LDAP_SUCCESS;
-#else
- return -1;
-#endif /* LDAP_SLAPI */
}
-#ifdef LDAP_SLAPI
/*
* If oldStyle is TRUE, then a value suitable for setting to
* the deprecated SLAPI_CONN_AUTHTYPE value is returned
return authType;
}
-#endif
/*
* Internal API to prime a Slapi_PBlock with a Connection.
*/
-int slapi_x_connection_set_pb( Slapi_PBlock *pb, Connection *conn )
+static int initConnectionPB( Slapi_PBlock *pb, Connection *conn )
{
-#ifdef LDAP_SLAPI
char *connAuthType;
int rc;
}
return rc;
-#else
- return -1;
-#endif /* LDAP_SLAPI */
}
+#endif /* LDAP_SLAPI */
/*
* Internal API to prime a Slapi_PBlock with an Operation.
*/
-int slapi_x_operation_set_pb( Slapi_PBlock *pb, Operation *op )
+int slapi_x_pblock_set_operation( Slapi_PBlock *pb, Operation *op )
{
#ifdef LDAP_SLAPI
int isRoot = 0;
int isUpdateDn = 0;
int rc;
- Backend *be;
char *opAuthType;
- if ( slapi_pblock_get(pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
- be = NULL;
+ if ( op->o_bd != NULL ) {
+ isRoot = be_isroot( op->o_bd, &op->o_ndn );
+ isUpdateDn = be_isupdate( op->o_bd, &op->o_ndn );
}
- if (be != NULL) {
- isRoot = be_isroot( be, &op->o_ndn );
- isUpdateDn = be_isupdate( be, &op->o_ndn );
- }
-
+
+ rc = initBackendPB( pb, op->o_bd );
+ if ( rc != LDAP_SUCCESS )
+ return rc;
+
+ rc = initConnectionPB( pb, op->o_conn );
+ if ( rc != LDAP_SUCCESS )
+ return rc;
+
rc = slapi_pblock_set( pb, SLAPI_OPERATION, (void *)op );
if ( rc != LDAP_SUCCESS )
return rc;
int slapi_acl_check_mods(Slapi_PBlock *pb, Slapi_Entry *e, LDAPMod **mods, char **errbuf)
{
#ifdef LDAP_SLAPI
- Backend *be;
- Connection *conn;
Operation *op;
int ret;
Modifications *ml;
Modifications *next;
- if ( slapi_pblock_get( pb, SLAPI_BACKEND, (void *)&be ) != 0 ) {
- return LDAP_PARAM_ERROR;
- }
-
- if ( slapi_pblock_get( pb, SLAPI_CONNECTION, (void *)&conn ) != 0 ) {
- return LDAP_PARAM_ERROR;
- }
-
if ( slapi_pblock_get( pb, SLAPI_OPERATION, (void *)&op ) != 0 ) {
return LDAP_PARAM_ERROR;
}
return LDAP_OTHER;
}
- ret = acl_check_modlist( be, conn, op, e, ml );
+ ret = acl_check_modlist( op, e, ml );
/* Careful when freeing the modlist because it has pointers into the mods array. */
for ( ; ml != NULL; ml = next ) {
Modifications *slapi_x_ldapmods2modifications (LDAPMod **mods)
{
#ifdef LDAP_SLAPI
- Modifications *modlist, **modtail;
+ Modifications *modlist = NULL, **modtail;
LDAPMod **modp;
modtail = &modlist;
int slapi_x_compute_output_ber(computed_attr_context *c, Slapi_Attr *a, Slapi_Entry *e)
{
#ifdef LDAP_SLAPI
- Backend *be = NULL;
- Connection *conn = NULL;
Operation *op = NULL;
BerElement *ber;
AttributeDescription *desc = NULL;
return 1;
}
- rc = slapi_pblock_get( c->cac_pb, SLAPI_BACKEND, (void *)&be );
- if ( rc != 0 ) {
- be = NULL; /* no backend for root DSE */
- }
-
- rc = slapi_pblock_get( c->cac_pb, SLAPI_CONNECTION, (void *)&conn );
- if ( rc != 0 || conn == NULL ) {
- return rc;
- }
-
rc = slapi_pblock_get( c->cac_pb, SLAPI_OPERATION, (void *)&op );
if ( rc != 0 || op == NULL ) {
return rc;
}
}
- if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_READ, &c->cac_acl_state) ) {
+ if ( !access_allowed( op, e, desc, NULL, ACL_READ, &c->cac_acl_state) ) {
slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
"acl: access to attribute %s not allowed\n",
desc->ad_cname.bv_val );
if ( !c->cac_attrsonly ) {
for ( i = 0; a->a_vals[i].bv_val != NULL; i++ ) {
- if ( !access_allowed( be, conn, op, e,
+ if ( !access_allowed( op, e,
desc, &a->a_vals[i], ACL_READ, &c->cac_acl_state)) {
slapi_log_error( SLAPI_LOG_ACL, "SLAPI_COMPUTE",
"slapi_x_compute_output_ber: conn %lu "