ITS#6753 use slap_compare_entry()

diff --git a/servers/slapd/back-bdb/compare.c b/servers/slapd/back-bdb/compare.c
index cd1058de612a401b5f748f777a8e90dbcd073b50..c333fa5247f26b9b42b5ab2dea41f13462e1e971 100644 (file)
--- a/servers/slapd/back-bdb/compare.c
+++ b/servers/slapd/back-bdb/compare.c
@@ -135,39 +135,7 @@ dn2entry_retry:
                goto return_results;
        }
 
-       if ( !access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
-               &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL ) )
-       {
-               /* return error only if "disclose"
-                * is granted on the object */
-               if ( !access_allowed( op, e, slap_schema.si_ad_entry,
-                                       NULL, ACL_DISCLOSE, NULL ) )
-               {
-                       rs->sr_err = LDAP_NO_SUCH_OBJECT;
-               } else {
-                       rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
-               }
-               goto return_results;
-       }
-
-       rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
-
-       for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
-               a != NULL;
-               a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ) )
-       {
-               rs->sr_err = LDAP_COMPARE_FALSE;
-
-               if ( attr_valfind( a,
-                       SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
-                               SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
-                       &op->oq_compare.rs_ava->aa_value, NULL,
-                       op->o_tmpmemctx ) == 0 )
-               {
-                       rs->sr_err = LDAP_COMPARE_TRUE;
-                       break;
-               }
-       }
+       rs->sr_err = slap_compare_entry( op, e, op->orc_ava );
 
 return_results:
        send_ldap_result( op, rs );

diff --git a/servers/slapd/back-monitor/compare.c b/servers/slapd/back-monitor/compare.c
index 3fb71e0db2263f5188d14cc722a5d9dc94e97d21..8fa2fa4154232e776d7b7b74f9c6cbda097adb8f 100644 (file)
--- a/servers/slapd/back-monitor/compare.c
+++ b/servers/slapd/back-monitor/compare.c
@@ -57,30 +57,7 @@ monitor_back_compare( Operation *op, SlapReply *rs )
                return rs->sr_err;
        }
 
-       rs->sr_err = access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
-                       &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL );
-       if ( !rs->sr_err ) {
-               rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
-               goto return_results;
-       }
-
-       rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
-
-       for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
-                       a != NULL;
-                       a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc )) {
-               rs->sr_err = LDAP_COMPARE_FALSE;
-
-               if ( attr_valfind( a,
-                       SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
-                               SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
-                       &op->oq_compare.rs_ava->aa_value, NULL,
-                       op->o_tmpmemctx ) == 0 )
-               {
-                       rs->sr_err = LDAP_COMPARE_TRUE;
-                       break;
-               }
-       }
+       rs->sr_err = slap_compare_entry( op, e, op->orc_ava );
 
 return_results:;
        rc = rs->sr_err;
@@ -90,15 +67,7 @@ return_results:;
                rc = LDAP_SUCCESS;
                break;
 
-       case LDAP_NO_SUCH_ATTRIBUTE:
-               break;
-
        default:
-               if ( !access_allowed_mask( op, e, slap_schema.si_ad_entry,
-                               NULL, ACL_DISCLOSE, NULL, NULL ) )
-               {
-                       rs->sr_err = LDAP_NO_SUCH_OBJECT;
-               }
                break;
        }