Fixed slapd config leak with olcDbDirectory (ITS#6634)
Fixed slapd connectionless warnings (ITS#6747)
Fixed slapd to free controls if needed (ITS#6629)
+ Fixed slapd entry comparisons (ITS#6753)
Fixed slapd filter leak (ITS#6635)
Fixed slapd matching rules for strict ordering (ITS#6722)
Fixed slapd extensible match for ordering rules (ITS#6532)
goto done;
}
- if ( get_assert( op ) &&
- ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
- {
- if ( !access_allowed( op, e, slap_schema.si_ad_entry,
- NULL, ACL_DISCLOSE, NULL ) )
- {
- rs->sr_err = LDAP_NO_SUCH_OBJECT;
- } else {
- rs->sr_err = LDAP_ASSERTION_FAILED;
- }
- goto return_results;
- }
-
- if ( !access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
- &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL ) )
- {
- /* return error only if "disclose"
- * is granted on the object */
- if ( !access_allowed( op, e, slap_schema.si_ad_entry,
- NULL, ACL_DISCLOSE, NULL ) )
- {
- rs->sr_err = LDAP_NO_SUCH_OBJECT;
- } else {
- rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
- }
- goto return_results;
- }
-
- rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
-
- for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
- a != NULL;
- a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc ) )
- {
- rs->sr_err = LDAP_COMPARE_FALSE;
-
- if ( attr_valfind( a,
- SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
- SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
- &op->oq_compare.rs_ava->aa_value, NULL,
- op->o_tmpmemctx ) == 0 )
- {
- rs->sr_err = LDAP_COMPARE_TRUE;
- break;
- }
- }
+ rs->sr_err = slap_compare_entry( op, e, op->orc_ava );
return_results:
send_ldap_result( op, rs );
return rs->sr_err;
}
- rs->sr_err = access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
- &op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL );
- if ( !rs->sr_err ) {
- rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
- goto return_results;
- }
-
- rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
-
- for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
- a != NULL;
- a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc )) {
- rs->sr_err = LDAP_COMPARE_FALSE;
-
- if ( attr_valfind( a,
- SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
- SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
- &op->oq_compare.rs_ava->aa_value, NULL,
- op->o_tmpmemctx ) == 0 )
- {
- rs->sr_err = LDAP_COMPARE_TRUE;
- break;
- }
- }
+ rs->sr_err = slap_compare_entry( op, e, op->orc_ava );
return_results:;
rc = rs->sr_err;
rc = LDAP_SUCCESS;
break;
- case LDAP_NO_SUCH_ATTRIBUTE:
- break;
-
default:
- if ( !access_allowed_mask( op, e, slap_schema.si_ad_entry,
- NULL, ACL_DISCLOSE, NULL, NULL ) )
- {
- rs->sr_err = LDAP_NO_SUCH_OBJECT;
- }
break;
}
#include "slap.h"
-static int compare_entry(
- Operation *op,
- Entry *e,
- AttributeAssertion *ava );
-
int
do_compare(
Operation *op,
}
if( entry ) {
- rs->sr_err = compare_entry( op, entry, ava );
+ rs->sr_err = slap_compare_entry( op, entry, ava );
entry_free( entry );
send_ldap_result( op, rs );
return rs->sr_err;
}
-static int compare_entry(
+int slap_compare_entry(
Operation *op,
Entry *e,
AttributeAssertion *ava )
goto done;
}
+ if ( get_assert( op ) &&
+ ( test_filter( op, e, get_assertion( op )) != LDAP_COMPARE_TRUE ))
+ {
+ rc = LDAP_ASSERTION_FAILED;
+ goto done;
+ }
+
a = attrs_find( e->e_attrs, ava->aa_desc );
if( a == NULL ) {
rc = LDAP_NO_SUCH_ATTRIBUTE;
goto done;
}
- for(a = attrs_find( e->e_attrs, ava->aa_desc );
+ for(;
a != NULL;
a = attrs_find( a->a_next, ava->aa_desc ))
{
#define free ch_free
#endif
+/*
+ * compare.c
+ */
+
+LDAP_SLAPD_F (int) slap_compare_entry LDAP_P((
+ Operation *op,
+ Entry *e,
+ AttributeAssertion *ava ));
+
/*
* component.c
*/
projects / openldap / commitdiff