SlapReply *rs )
{
struct berval id = {0, NULL}, old = {0, NULL}, new = {0, NULL},
- dn, ndn, hash, vals[2];
+ dn, ndn, hash, vals[2], tmpbv;
int freenew = 0;
Modifications ml, **modtail;
Operation op2;
return LDAP_STRONG_AUTH_REQUIRED;
}
- rs->sr_err = slap_passwd_parse( op->oq_extended.rs_reqdata, &id,
- &old, &new, &rs->sr_text );
+ ber_dupbv_x( &tmpbv, op->oq_extended.rs_reqdata, op->o_tmpmemctx );
+ rs->sr_err = slap_passwd_parse( &tmpbv, &id, &old, &new, &rs->sr_text );
if ( rs->sr_err != LDAP_SUCCESS ) {
return rs->sr_err;
}
ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
}
- if ( ndn.bv_len == 0 ) {
- rs->sr_text = "no password is associated with the Root DSE";
- return LDAP_UNWILLING_TO_PERFORM;
+ if( op->o_bd == NULL ) {
+#ifdef HAVE_CYRUS_SASL
+ return slap_sasl_setpass( op, rs );
+#else
+ rs->sr_text = "no authz backend";
+ return LDAP_OTHER;
+#endif
}
- if( op->o_bd && !op->o_bd->be_modify ) {
- rs->sr_text = "operation not supported for current user";
+ if ( ndn.bv_len == 0 ) {
+ rs->sr_text = "no password is associated with the Root DSE";
return LDAP_UNWILLING_TO_PERFORM;
}
return rs->sr_err;
}
- if( op->o_bd == NULL ) {
-#ifdef HAVE_CYRUS_SASL
- return slap_sasl_setpass( op, rs );
-#else
- rs->sr_text = "no authz backend";
- return LDAP_OTHER;
-#endif
- }
#ifndef SLAPD_MULTIMASTER
/* This does not apply to multi-master case */
return LDAP_REFERRAL;
}
#endif /* !SLAPD_MULTIMASTER */
+
+ /* Give the backend a chance to handle this itself */
+ if ( op->o_bd->be_extended ) {
+ rs->sr_err = op->o_bd->be_extended( op, rs );
+ if ( rs->sr_err != LDAP_UNWILLING_TO_PERFORM ) {
+ return rs->sr_err;
+ }
+ }
+
+ /* The backend didn't handle it, so try it here */
+ if( op->o_bd && !op->o_bd->be_modify ) {
+ rs->sr_text = "operation not supported for current user";
+ return LDAP_UNWILLING_TO_PERFORM;
+ }
+
if ( new.bv_len == 0 ) {
slap_passwd_generate( &new );
freenew = 1;
projects / openldap / commitdiff