int rc;
rc = register_supported_control( LDAP_CONTROL_X_CHAINING_BEHAVIOR,
- /* SLAP_CTRL_FRONTEND| */ SLAP_CTRL_ACCESS|SLAP_CTRL_HIDE, NULL,
+ /* SLAP_CTRL_GLOBAL| */ SLAP_CTRL_ACCESS|SLAP_CTRL_HIDE, NULL,
ldap_chain_parse_ctrl, &sc_chainingBehavior );
if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "Failed to register chaining behavior control: %d\n", rc );
if((nBackendInfo != 0) || (backendInfo != NULL)) {
/* already initialized */
Debug( LDAP_DEBUG_ANY,
- "backend_init: already initialized.\n", 0, 0, 0 );
+ "backend_init: already initialized\n", 0, 0, 0 );
return -1;
}
if( ctrls ) {
for( ; *ctrls != NULL ; ctrls++ ) {
- if(
+ int cid;
+ if( slap_find_control_id( (*ctrls)->ldctl_oid, &cid ) ==
+ LDAP_CONTROL_NOT_FOUND )
+ {
+ /* unrecognized control */
+ if ( (*ctrls)->ldctl_iscritical ) {
+ /* should not be reachable */
+ Debug( LDAP_DEBUG_ANY,
+ "backend_check_controls: unrecognized control: %s\n",
+ (*ctrls)->ldctl_oid, 0, 0 );
+ assert( 0 );
+ }
+
+ } else if (
#ifdef SLAP_CONTROL_AVAILABILITY_KLUDGE
/* KLUDGE: ldctl_iscritical munged by controls.c:get_ctrls()
* to ensure this check is enabled/disabled appropriately.
*/
(*ctrls)->ldctl_iscritical &&
+#else
+ !slap_global_control( op, (*ctrls)->ldctl_oid )
#endif
- !ldap_charray_inlist( op->o_bd->be_controls,
+ && !ldap_charray_inlist( op->o_bd->be_controls,
(*ctrls)->ldctl_oid ) )
{
/* Per RFC 2251 (and LDAPBIS discussions), if the control
#ifdef LDAP_CONTROL_X_DOMAIN_SCOPE
{ LDAP_CONTROL_X_DOMAIN_SCOPE,
(int)offsetof(struct slap_control_ids, sc_domainScope),
- SLAP_CTRL_FRONTEND|SLAP_CTRL_SEARCH, NULL,
+ SLAP_CTRL_GLOBAL|SLAP_CTRL_SEARCH, NULL,
parseDomainScope, LDAP_SLIST_ENTRY_INITIALIZER(next) },
#endif
#ifdef LDAP_CONTROL_X_PERMISSIVE_MODIFY
#ifdef LDAP_CONTORL_X_SEARCH_OPTIONS
{ LDAP_CONTORL_X_SEARCH_OPTIONS,
(int)offsetof(struct slap_control_ids, sc_searchOptions),
- SLAP_CTRL_FRONTEND|SLAP_CTRL_SEARCH, NULL,
+ SLAP_CTRL_GLOBAL|SLAP_CTRL_SEARCH, NULL,
parseSearchOptions, LDAP_SLIST_ENTRY_INITIALIZER(next) },
#endif
#ifdef LDAP_CONTROL_SUBENTRIES
parseManageDSAit, LDAP_SLIST_ENTRY_INITIALIZER(next) },
{ LDAP_CONTROL_PROXY_AUTHZ,
(int)offsetof(struct slap_control_ids, sc_proxyAuthz),
- SLAP_CTRL_FRONTEND|SLAP_CTRL_ACCESS, proxy_authz_extops,
+ SLAP_CTRL_GLOBAL|SLAP_CTRL_ACCESS, proxy_authz_extops,
parseProxyAuthz, LDAP_SLIST_ENTRY_INITIALIZER(next) },
{ NULL, 0, 0, NULL, 0, LDAP_SLIST_ENTRY_INITIALIZER(next) }
};
return LDAP_CONTROL_NOT_FOUND;
}
+int
+slap_global_control( Operation *op, const char *oid )
+{
+ struct slap_control *ctrl = find_ctrl( oid );
+
+ if ( ctrl == NULL ) {
+ /* should not be reachable */
+ Debug( LDAP_DEBUG_ANY,
+ "slap_global_control: unrecognized control: %s\n",
+ oid, 0, 0 );
+ assert( 0 );
+ return 0;
+ }
+
+ if ( ctrl->sc_mask & SLAP_CTRL_GLOBAL ) return 1;
+
+ if (( op->o_tag & LDAP_REQ_SEARCH ) &&
+ ( ctrl->sc_mask & SLAP_CTRL_GLOBAL_SEARCH ))
+ {
+ return 1;
+ }
+
+ Debug( LDAP_DEBUG_ANY,
+ "slap_global_control: unavailable control: %s\n",
+ oid, 0, 0 );
+ return 0;
+}
+
void slap_free_ctrls(
Operation *op,
LDAPControl **ctrls )
}
#ifdef SLAP_CONTROL_AVAILABILITY_KLUDGE
- if ( sc->sc_mask & SLAP_CTRL_FRONTEND ) {
+ /* backend_check_controls() kludge */
+ if ( sc->sc_mask & SLAP_CTRL_GLOBAL ) {
/* KLUDGE: disable backend_control() check */
c->ldctl_iscritical = 0;
} else if ( tagmask == SLAP_CTRL_SEARCH &&
- sc->sc_mask & SLAP_CTRL_FRONTEND_SEARCH )
+ sc->sc_mask & SLAP_CTRL_GLOBAL_SEARCH )
{
/* KLUDGE: disable backend_control() check */
c->ldctl_iscritical = 0;
LDAP_SLAPD_F (int) slap_controls_init LDAP_P ((void));
LDAP_SLAPD_F (void) controls_destroy LDAP_P ((void));
LDAP_SLAPD_F (int) controls_root_dse_info LDAP_P ((Entry *e));
-LDAP_SLAPD_F (int) get_supported_controls LDAP_P (( char ***ctrloidsp, slap_mask_t **ctrlmasks ));
-LDAP_SLAPD_F (int) slap_find_control_id LDAP_P (( const char *oid, int *cid ));
+LDAP_SLAPD_F (int) get_supported_controls LDAP_P ((
+ char ***ctrloidsp, slap_mask_t **ctrlmasks ));
+LDAP_SLAPD_F (int) slap_find_control_id LDAP_P ((
+ const char *oid, int *cid ));
+LDAP_SLAPD_F (int) slap_global_control LDAP_P ((
+ Operation *op, const char *oid ));
/*
* config.c
LDAP_SLAPD_F (int) read_config LDAP_P(( const char *fname, int depth ));
LDAP_SLAPD_F (void) config_destroy LDAP_P ((void));
LDAP_SLAPD_F (char **) slap_str2clist LDAP_P((
- char ***,
- char *,
- const char * ));
+ char ***, char *, const char * ));
#ifdef LDAP_SLAPI
LDAP_SLAPD_V (int) slapi_plugins_used;
#endif
LDAP_BEGIN_DECL
-#define SLAP_CONTROL_AVAILABILITY_KLUDGE
+/* #define SLAP_CONTROL_AVAILABILITY_KLUDGE */
#ifdef LDAP_DEVEL
#define SLAP_ACL_HONOR_DISCLOSE /* partially implemented */
#define SLAP_CTRL_HIDE 0x80000000U
#endif
-#define SLAP_CTRL_FRONTEND 0x00800000U
-#define SLAP_CTRL_FRONTEND_SEARCH 0x00010000U /* for NOOP */
+#define SLAP_CTRL_GLOBAL 0x00800000U
+#define SLAP_CTRL_GLOBAL_SEARCH 0x00010000U /* for NOOP */
#define SLAP_CTRL_OPFLAGS 0x0000FFFFU
#define SLAP_CTRL_ABANDON 0x00000001U
if ( slapi_mask & SLAPI_OPERATION_ABANDON )
*slap_mask |= SLAP_CTRL_ABANDON;
- *slap_mask |= SLAP_CTRL_FRONTEND;
+ *slap_mask |= SLAP_CTRL_GLOBAL;
}
static int
projects / openldap / commitdiff