X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fback-ldap%2Fextended.c;h=364d8905f9dfe5a348fb04aa1a43cb130a7dc75c;hb=c59e89de2f86cd319b02b9344a856ff0c0d55582;hp=8f643e1c9324833e5e05c903037a25124e241260;hpb=68c5f6fa985c9ea5ef2ff52ccee75b26741fea27;p=openldap

diff --git a/servers/slapd/back-ldap/extended.c b/servers/slapd/back-ldap/extended.c
index 8f643e1c93..364d8905f9 100644
--- a/servers/slapd/back-ldap/extended.c
+++ b/servers/slapd/back-ldap/extended.c
@@ -1,9 +1,24 @@
 /* extended.c - ldap backend extended routines */
 /* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 2003 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
  */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by the Howard Chu for inclusion
+ * in OpenLDAP Software and subsequently enhanced by Pierangelo
+ * Masarati. 
+ */
+/* This is an altered version */
 
 #include "portable.h"
 
@@ -33,7 +48,40 @@ ldap_back_extended(
 
 	for( i=0; exop_table[i].extended != NULL; i++ ) {
 		if( ber_bvcmp( exop_table[i].oid, &op->oq_extended.rs_reqoid ) == 0 ) {
+#ifdef LDAP_BACK_PROXY_AUTHZ 
+			struct ldapconn *lc;
+			LDAPControl **oldctrls = NULL;
+			int rc;
+
+			/* FIXME: this needs to be called here, so it is
+			 * called twice; maybe we could avoid the 
+			 * ldap_back_dobind() call inside each extended()
+			 * call ... */
+			lc = ldap_back_getconn(op, rs);
+			if (!lc || !ldap_back_dobind(lc, op, rs) ) {
+				return -1;
+			}
+
+			oldctrls = op->o_ctrls;
+			if ( ldap_back_proxy_authz_ctrl( lc, op, rs, &op->o_ctrls ) ) {
+				op->o_ctrls = oldctrls;
+				send_ldap_result( op, rs );
+				rs->sr_text = NULL;
+				return rs->sr_err;
+			}
+
+			rc = (exop_table[i].extended)( op, rs );
+
+			if ( op->o_ctrls && op->o_ctrls != oldctrls ) {
+				free( op->o_ctrls[ 0 ] );
+				free( op->o_ctrls );
+			}
+			op->o_ctrls = oldctrls;
+
+			return rc;
+#else /* ! LDAP_BACK_PROXY_AUTHZ */
 			return (exop_table[i].extended)( op, rs );
+#endif /* ! LDAP_BACK_PROXY_AUTHZ */
 		}
 	}
 
@@ -85,7 +133,7 @@ ldap_back_exop_passwd(
 		return LDAP_UNWILLING_TO_PERFORM;
 	}
 	if (id.bv_len) {
-		dc.li = li;
+		dc.rwmap = &li->rwmap;
 #ifdef ENABLE_REWRITE
 		dc.conn = op->o_conn;
 		dc.rs = rs;