ITS#8244 skip client controls in ldap_back_entry_get()
authorHoward Chu <hyc@openldap.org>
Mon, 14 Sep 2015 04:42:20 +0000 (05:42 +0100)
committerHoward Chu <hyc@openldap.org>
Mon, 14 Sep 2015 04:43:35 +0000 (05:43 +0100)
servers/slapd/back-ldap/search.c

index b28b694945465d0d48e14ef0ec102a208982645c..cc27f17afe5aac9e4c2b92452c0ca4d705d4d8d8 100644 (file)
@@ -907,9 +907,7 @@ ldap_back_entry_get(
        ldapinfo_t      *li = (ldapinfo_t *) op->o_bd->be_private;
 
        ldapconn_t      *lc = NULL;
-       int             rc,
-                       do_not_cache;
-       ber_tag_t       tag;
+       int             rc;
        struct berval   bdn;
        LDAPMessage     *result = NULL,
                        *e = NULL;
@@ -918,20 +916,20 @@ ldap_back_entry_get(
        SlapReply       rs;
        int             do_retry = 1;
        LDAPControl     **ctrls = NULL;
+       Operation op2 = *op;
 
        *ent = NULL;
 
        /* Tell getconn this is a privileged op */
-       do_not_cache = op->o_do_not_cache;
-       tag = op->o_tag;
-       /* do not cache */
-       op->o_do_not_cache = 1;
+       op2.o_do_not_cache = 1;
+       /* use rootdn to be doubly explicit this is privileged */
+       op2.o_dn = op->o_bd->be_rootdn;
+       op2.o_ndn = op->o_bd->be_rootndn;
        /* ldap_back_entry_get() is an entry lookup, so it does not need
         * to know what the entry is being looked up for */
-       op->o_tag = LDAP_REQ_SEARCH;
-       rc = ldap_back_dobind( &lc, op, &rs, LDAP_BACK_DONTSEND );
-       op->o_do_not_cache = do_not_cache;
-       op->o_tag = tag;
+       op2.o_tag = LDAP_REQ_SEARCH;
+       op2.o_ctrls = NULL;
+       rc = ldap_back_dobind( &lc, &op2, &rs, LDAP_BACK_DONTSEND );
        if ( !rc ) {
                return rs.sr_err;
        }
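Review bot: The assignment `op2.o_dn = op->o_bd->be_rootdn;` does not say what happens when the database has no rootdn configured. In that case these bervals are presumably empty, and the bind identity would depend on how ldap_back_dobind treats an empty DN together with `o_do_not_cache`, which is not visible here. Because the lookup now ignores the requester's identity and controls, I would widen the comment above the assignment to something like `/* internal lookup: runs as rootdn (may be empty if unset), ignoring the requester's identity and controls; callers must apply access control to the returned entry */`. The function body begins and ends outside this hunk, and the later hunks pass the same `&op2` to ldap_back_controls_add, ldap_back_retry and ldap_back_controls_free.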
@@ -961,8 +959,8 @@ ldap_back_entry_get(
        }
 
 retry:
-       ctrls = op->o_ctrls;
-       rc = ldap_back_controls_add( op, &rs, lc, &ctrls );
+       ctrls = NULL;
+       rc = ldap_back_controls_add( &op2, &rs, lc, &ctrls );
        if ( rc != LDAP_SUCCESS ) {
                goto cleanup;
        }
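Review bot: `ctrls = NULL;` at the `retry:` label carries no comment saying the client's controls are deliberately left out of this internal lookup, so a later edit could restore `op->o_ctrls` without noticing that it undoes ITS#8244. A one-line comment above the assignment, such as `/* do not forward client controls on this privileged lookup (ITS#8244) */`, would make the intent explicit. Since `op2.o_ctrls` is already cleared before the bind, `ctrls = op2.o_ctrls;` would say the same thing while keeping the copied operation as the single source of truth, though that is a matter of style. The enclosing function starts and ends outside this hunk.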
@@ -974,9 +972,9 @@ retry:
        if ( rc != LDAP_SUCCESS ) {
                if ( rc == LDAP_SERVER_DOWN && do_retry ) {
                        do_retry = 0;
-                       if ( ldap_back_retry( &lc, op, &rs, LDAP_BACK_DONTSEND ) ) {
+                       if ( ldap_back_retry( &lc, &op2, &rs, LDAP_BACK_DONTSEND ) ) {
                                /* if the identity changed, there might be need to re-authz */
-                               (void)ldap_back_controls_free( op, &rs, &ctrls );
+                               (void)ldap_back_controls_free( &op2, &rs, &ctrls );
                                goto retry;
                        }
                }
@@ -1003,7 +1001,7 @@ retry:
        }
 
 cleanup:
-       (void)ldap_back_controls_free( op, &rs, &ctrls );
+       (void)ldap_back_controls_free( &op2, &rs, &ctrls );
 
        if ( result ) {
                ldap_msgfree( result );