X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=servers%2Fslapd%2Fback-ldbm%2Fcompare.c;h=4fff70baa5751ed243ed08327b2e9634a4b89ee9;hb=51190984eefbdbedd47185e41ece37f72773744d;hp=d3a4a4d90ba7455cd9293b0764590010b092319f;hpb=853a1371d176053fa7f66d3e302d97f1b0ef8067;p=openldap

diff --git a/servers/slapd/back-ldbm/compare.c b/servers/slapd/back-ldbm/compare.c
index d3a4a4d90b..4fff70baa5 100644
--- a/servers/slapd/back-ldbm/compare.c
+++ b/servers/slapd/back-ldbm/compare.c
@@ -1,4 +1,9 @@
 /* compare.c - ldbm backend compare routine */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
 
 #include "portable.h"
 
@@ -11,47 +16,90 @@
 #include "back-ldbm.h"
 #include "proto-back-ldbm.h"
 
-extern Attribute	*attr_find();
-
 int
 ldbm_back_compare(
     Backend	*be,
     Connection	*conn,
     Operation	*op,
     char	*dn,
+    char	*ndn,
     Ava		*ava
 )
 {
 	struct ldbminfo	*li = (struct ldbminfo *) be->be_private;
-	char		*matched;
+	Entry		*matched;
 	Entry		*e;
 	Attribute	*a;
 	int		rc;
+	int		manageDSAit = get_manageDSAit( op );
 
 	/* get entry with reader lock */
-	if ( (e = dn2entry_r( be, dn, &matched )) == NULL ) {
-		send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched, "" );
+	if ( (e = dn2entry_r( be, ndn, &matched )) == NULL ) {
+		char *matched_dn = NULL;
+		struct berval **refs = NULL;
+
+		if ( matched != NULL ) {
+			matched_dn = ch_strdup( matched->e_dn );
+			refs = is_entry_referral( matched )
+				? get_entry_referrals( be, conn, op, matched )
+				: NULL;
+			cache_return_entry_r( &li->li_cache, matched );
+		} else {
+			refs = default_referral;
+		}
+
+		send_ldap_result( conn, op, LDAP_REFERRAL,
+			matched_dn, NULL, refs, NULL );
+
+		if( matched != NULL ) {
+			ber_bvecfree( refs );
+			free( matched_dn );
+		}
+
 		return( 1 );
 	}
 
-	/* check for deleted */
-	if ( ! access_allowed( be, conn, op, e, ava->ava_type, &ava->ava_value,
-	    op->o_dn, ACL_COMPARE ) ) {
-		send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS, "", "" );
+	if (!manageDSAit && is_entry_referral( e ) ) {
+		/* entry is a referral, don't allow add */
+		struct berval **refs = get_entry_referrals( be,
+			conn, op, e );
+
+		Debug( LDAP_DEBUG_TRACE, "entry is referral\n", 0,
+		    0, 0 );
+
+		send_ldap_result( conn, op, LDAP_REFERRAL,
+		    e->e_dn, NULL, refs, NULL );
+
+		ber_bvecfree( refs );
+
+		rc = 1;
+		goto return_results;
+	}
+
+	if ( ! access_allowed( be, conn, op, e,
+		ava->ava_type, &ava->ava_value, ACL_COMPARE ) )
+	{
+		send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
+			NULL, NULL, NULL, NULL );
 		rc = 1;
 		goto return_results;
 	}
 
 	if ( (a = attr_find( e->e_attrs, ava->ava_type )) == NULL ) {
-		send_ldap_result( conn, op, LDAP_NO_SUCH_ATTRIBUTE, "", "" );
+		send_ldap_result( conn, op, LDAP_NO_SUCH_ATTRIBUTE,
+			NULL, NULL, NULL, NULL );
 		rc = 1;
 		goto return_results;
 	}
 
+#ifdef SLAPD_SCHEMA_COMPAT
 	if ( value_find( a->a_vals, &ava->ava_value, a->a_syntax, 1 ) == 0 ) 
-		send_ldap_result( conn, op, LDAP_COMPARE_TRUE, "", "" );
+		send_ldap_result( conn, op, LDAP_COMPARE_TRUE,
+			NULL, NULL, NULL, NULL );
 	else
-		send_ldap_result( conn, op, LDAP_COMPARE_FALSE, "", "" );
+#endif
+		send_ldap_result( conn, op, LDAP_COMPARE_FALSE,
+			NULL, NULL, NULL, NULL );
 
 	rc = 0;