fix ITS#4686 (retry with idassert)

author Pierangelo Masarati <ando@openldap.org>

Tue, 26 Sep 2006 15:12:07 +0000 (15:12 +0000)

committer Pierangelo Masarati <ando@openldap.org>

Tue, 26 Sep 2006 15:12:07 +0000 (15:12 +0000)
author Pierangelo Masarati <ando@openldap.org>
Tue, 26 Sep 2006 15:12:07 +0000 (15:12 +0000)
committer Pierangelo Masarati <ando@openldap.org>
Tue, 26 Sep 2006 15:12:07 +0000 (15:12 +0000)
diff --git a/servers/slapd/back-meta/add.c b/servers/slapd/back-meta/add.c

index 66afd66e11aa6e209199c9d9f8acff1c3b0d36f3..2d318bb1f04030d16459264cb230fe41419f92d5 100644 (file)
--- a/servers/slapd/back-meta/add.c
+++ b/servers/slapd/back-meta/add.c
@@ -167,6 +167,7 @@ meta_back_add( Operation *op, SlapReply *rs )
         }
         attrs[ i ] = NULL;
  
+retry:;
         ctrls = op->o_ctrls;
         if ( ldap_back_proxy_authz_ctrl( &mc->mc_conns[ candidate ].msc_bound_ndn,
                 mt->mt_version, &mt->mt_idassert, op, rs, &ctrls ) != LDAP_SUCCESS )
@@ -175,7 +176,6 @@ meta_back_add( Operation *op, SlapReply *rs )
                 goto cleanup;
         }
  
-retry:;
         rs->sr_err = ldap_add_ext( mc->mc_conns[ candidate ].msc_ld, mdn.bv_val,
                               attrs, ctrls, NULL, &msgid );
         rs->sr_err = meta_back_op_result( mc, op, rs, candidate, msgid,
@@ -183,6 +183,8 @@ retry:;
         if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
                 do_retry = 0;
                 if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
+                       /* if the identity changed, there might be need to re-authz */
+                       (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
                         goto retry;
                 }
         }
diff --git a/servers/slapd/back-meta/delete.c b/servers/slapd/back-meta/delete.c

index 586f4bcffe997a6387daf6de3a4ffc5814df9db5..14ded8b4a81cc85421a453380b531030de1d153a 100644 (file)
--- a/servers/slapd/back-meta/delete.c
+++ b/servers/slapd/back-meta/delete.c
@@ -65,6 +65,7 @@ meta_back_delete( Operation *op, SlapReply *rs )
                 goto cleanup;
         }
  
+retry:;
         ctrls = op->o_ctrls;
         if ( ldap_back_proxy_authz_ctrl( &mc->mc_conns[ candidate ].msc_bound_ndn,
                 mt->mt_version, &mt->mt_idassert, op, rs, &ctrls ) != LDAP_SUCCESS )
@@ -73,7 +74,6 @@ meta_back_delete( Operation *op, SlapReply *rs )
                 goto cleanup;
         }
  
-retry:;
         rs->sr_err = ldap_delete_ext( mc->mc_conns[ candidate ].msc_ld,
                         mdn.bv_val, ctrls, NULL, &msgid );
         rs->sr_err = meta_back_op_result( mc, op, rs, candidate, msgid,
@@ -81,6 +81,8 @@ retry:;
         if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
                 do_retry = 0;
                 if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
+                       /* if the identity changed, there might be need to re-authz */
+                       (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
                         goto retry;
                 }
         }
diff --git a/servers/slapd/back-meta/modify.c b/servers/slapd/back-meta/modify.c

index 437d744c92b3f3e214544ff637ccd8980f392add..9b86b49b29fa6f01dbd9ab5c2ff7a7789bf0b377 100644 (file)
--- a/servers/slapd/back-meta/modify.c
+++ b/servers/slapd/back-meta/modify.c
@@ -176,6 +176,7 @@ meta_back_modify( Operation *op, SlapReply *rs )
         }
         modv[ i ] = 0;
  
+retry:;
         ctrls = op->o_ctrls;
         rc = ldap_back_proxy_authz_ctrl( &mc->mc_conns[ candidate ].msc_bound_ndn,
                 mt->mt_version, &mt->mt_idassert, op, rs, &ctrls );
@@ -184,7 +185,6 @@ meta_back_modify( Operation *op, SlapReply *rs )
                 goto cleanup;
         }
  
-retry:;
         rs->sr_err = ldap_modify_ext( mc->mc_conns[ candidate ].msc_ld, mdn.bv_val,
                         modv, ctrls, NULL, &msgid );
         rs->sr_err = meta_back_op_result( mc, op, rs, candidate, msgid,
@@ -192,6 +192,8 @@ retry:;
         if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
                 do_retry = 0;
                 if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
+                       /* if the identity changed, there might be need to re-authz */
+                       (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
                         goto retry;
                 }
         }
diff --git a/servers/slapd/back-meta/modrdn.c b/servers/slapd/back-meta/modrdn.c

index c009afc84c205d7448a8881b185f153d12e4b144..f6e27c64902f3d622e1c7363e982eb50825dd366 100644 (file)
--- a/servers/slapd/back-meta/modrdn.c
+++ b/servers/slapd/back-meta/modrdn.c
@@ -118,6 +118,7 @@ meta_back_modrdn( Operation *op, SlapReply *rs )
                 goto cleanup;
         }
  
+retry:;
         ctrls = op->o_ctrls;
         if ( ldap_back_proxy_authz_ctrl( &mc->mc_conns[ candidate ].msc_bound_ndn,
                 mt->mt_version, &mt->mt_idassert, op, rs, &ctrls ) != LDAP_SUCCESS )
@@ -126,7 +127,6 @@ meta_back_modrdn( Operation *op, SlapReply *rs )
                 goto cleanup;
         }
  
-retry:;
         rs->sr_err = ldap_rename( mc->mc_conns[ candidate ].msc_ld,
                         mdn.bv_val, op->orr_newrdn.bv_val,
                         mnewSuperior.bv_val, op->orr_deleteoldrdn,
@@ -136,6 +136,8 @@ retry:;
         if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
                 do_retry = 0;
                 if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
+                       /* if the identity changed, there might be need to re-authz */
+                       (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
                         goto retry;
                 }
         }
diff --git a/servers/slapd/back-meta/search.c b/servers/slapd/back-meta/search.c

index 650afddfb7c240723640920c909eb2efd4f91714..cc7647bf6905ecc083db564a3ed178a22efd9ed2 100644 (file)
--- a/servers/slapd/back-meta/search.c
+++ b/servers/slapd/back-meta/search.c
@@ -454,6 +454,7 @@ meta_back_search_start(
                 tvp = &tv;
         }
  
+retry:;
         ctrls = op->o_ctrls;
         if ( ldap_back_proxy_authz_ctrl( &msc->msc_bound_ndn,
                 mt->mt_version, &mt->mt_idassert, op, rs, &ctrls )
@@ -467,7 +468,6 @@ meta_back_search_start(
         /*
          * Starts the search
          */
-retry:;
         assert( msc->msc_ld != NULL );
         rc = ldap_search_ext( msc->msc_ld,
                         mbase.bv_val, realscope, mfilter.bv_val,
@@ -482,6 +482,8 @@ retry:;
         case LDAP_SERVER_DOWN:
                 if ( nretries && meta_back_retry( op, rs, mcp, candidate, LDAP_BACK_DONTSEND ) ) {
                         nretries = 0;
+                       /* if the identity changed, there might be need to re-authz */
+                       (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
                         goto retry;
                 }
author	Pierangelo Masarati <ando@openldap.org>
	Tue, 26 Sep 2006 15:12:07 +0000 (15:12 +0000)
committer	Pierangelo Masarati <ando@openldap.org>
	Tue, 26 Sep 2006 15:12:07 +0000 (15:12 +0000)
servers/slapd/back-meta/add.c		patch \| blob \| history
servers/slapd/back-meta/delete.c		patch \| blob \| history
servers/slapd/back-meta/modify.c		patch \| blob \| history
servers/slapd/back-meta/modrdn.c		patch \| blob \| history
servers/slapd/back-meta/search.c		patch \| blob \| history