X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=servers%2Fslapd%2Fback-bdb%2Fbind.c;h=228fe72db7fe6acb9319a79b412124751451be67;hb=f84fc59378be5887f7f0dcc84dc0cae785c3084e;hp=3f6b37a908a9b02116471645c4afcebd982c2ddf;hpb=4c7d288eb7175110c8916b135b10de0f75e97587;p=openldap diff --git a/servers/slapd/back-bdb/bind.c b/servers/slapd/back-bdb/bind.c index 3f6b37a908..228fe72db7 100644 --- a/servers/slapd/back-bdb/bind.c +++ b/servers/slapd/back-bdb/bind.c @@ -2,7 +2,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 2000-2007 The OpenLDAP Foundation. + * Copyright 2000-2013 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -32,39 +32,30 @@ bdb_bind( Operation *op, SlapReply *rs ) AttributeDescription *password = slap_schema.si_ad_userPassword; - BDB_LOCKER locker; + DB_TXN *rtxn; DB_LOCK lock; Debug( LDAP_DEBUG_ARGS, "==> " LDAP_XSTRING(bdb_bind) ": dn: %s\n", op->o_req_dn.bv_val, 0, 0); -#ifdef LDAP_DEVEL - /* allow noauth binds */ - switch ( be_rootdn_bind( op, rs ) ) { - case SLAP_CB_CONTINUE: - break; - - default: - /* in case of success, frontend will send result; - * otherwise, be_rootdn_bind() did */ - return rs->sr_err; - } - -#else /* traditional */ /* allow noauth binds */ switch ( be_rootdn_bind( op, NULL ) ) { case LDAP_SUCCESS: /* frontend will send result */ - return rs->sr_err; + return rs->sr_err = LDAP_SUCCESS; default: - /* give the database a chanche */ + /* give the database a chance */ + /* NOTE: this behavior departs from that of other backends, + * since the others, in case of password checking failure + * do not give the database a chance. If an entry with + * rootdn's name does not exist in the database the result + * will be the same. See ITS#4962 for discussion. */ break; } -#endif /* traditional */ - rs->sr_err = LOCK_ID(bdb->bi_dbenv, &locker); + rs->sr_err = bdb_reader_get(op, bdb->bi_dbenv, &rtxn); switch(rs->sr_err) { case 0: break; @@ -76,8 +67,8 @@ bdb_bind( Operation *op, SlapReply *rs ) dn2entry_retry: /* get entry with reader lock */ - rs->sr_err = bdb_dn2entry( op, NULL, &op->o_req_ndn, &ei, 1, - locker, &lock ); + rs->sr_err = bdb_dn2entry( op, rtxn, &op->o_req_ndn, &ei, 1, + &lock ); switch(rs->sr_err) { case DB_NOTFOUND: @@ -85,14 +76,12 @@ dn2entry_retry: break; case LDAP_BUSY: send_ldap_error( op, rs, LDAP_BUSY, "ldap_server_busy" ); - LOCK_ID_FREE(bdb->bi_dbenv, locker); return LDAP_BUSY; case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: goto dn2entry_retry; default: send_ldap_error( op, rs, LDAP_OTHER, "internal error" ); - LOCK_ID_FREE(bdb->bi_dbenv, locker); return rs->sr_err; } @@ -106,8 +95,6 @@ dn2entry_retry: rs->sr_err = LDAP_INVALID_CREDENTIALS; send_ldap_result( op, rs ); - LOCK_ID_FREE(bdb->bi_dbenv, locker); - return rs->sr_err; } @@ -167,8 +154,6 @@ done: bdb_cache_return_entry_r( bdb, e, &lock ); } - LOCK_ID_FREE(bdb->bi_dbenv, locker); - if ( rs->sr_err ) { send_ldap_result( op, rs ); if ( rs->sr_ref ) {