From: Pierangelo Masarati Date: Wed, 19 Jan 2005 22:59:25 +0000 (+0000) Subject: cleanup; add proxyAuthz capability X-Git-Tag: OPENLDAP_REL_ENG_2_3_BP~317 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=90cc75f1a1291a7bb7a148fdee5759054003cdfc;p=openldap cleanup; add proxyAuthz capability --- diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c index 0b7a958d3a..4cf1c72b3d 100644 --- a/servers/slapd/back-ldap/search.c +++ b/servers/slapd/back-ldap/search.c @@ -498,7 +498,6 @@ ldap_back_entry_get( { struct ldapconn *lc; int rc = 1, - is_oc, do_not_cache; struct berval bdn; LDAPMessage *result = NULL, @@ -508,6 +507,7 @@ ldap_back_entry_get( Connection *oconn; SlapReply rs; int do_retry = 1; + LDAPControl **ctrls = NULL; /* Tell getconn this is a privileged op */ do_not_cache = op->o_do_not_cache; @@ -524,9 +524,8 @@ ldap_back_entry_get( op->o_conn = oconn; if ( at ) { - is_oc = ( strcasecmp( "objectclass", at->ad_cname.bv_val ) == 0 ); - if ( oc && !is_oc ) { - gattr[0] = "objectclass"; + if ( oc && at != slap_schema.si_ad_objectClass ) { + gattr[0] = slap_schema.si_ad_objectClass->ad_cname.bv_val; gattr[1] = at->ad_cname.bv_val; gattr[2] = NULL; @@ -547,9 +546,17 @@ ldap_back_entry_get( *ptr++ = '\0'; } + ctrls = op->o_ctrls; +#ifdef LDAP_BACK_PROXY_AUTHZ + rc = ldap_back_proxy_authz_ctrl( lc, op, &rs, &ctrls ); + if ( rc != LDAP_SUCCESS ) { + goto cleanup; + } +#endif /* LDAP_BACK_PROXY_AUTHZ */ + retry: rc = ldap_search_ext_s( lc->lc_ld, ndn->bv_val, LDAP_SCOPE_BASE, filter, - at ? gattr : NULL, 0, NULL, NULL, LDAP_NO_LIMIT, + at ? gattr : NULL, 0, ctrls, NULL, LDAP_NO_LIMIT, LDAP_NO_LIMIT, &result ); if ( rc != LDAP_SUCCESS ) { if ( rc == LDAP_SERVER_DOWN && do_retry ) { @@ -576,6 +583,10 @@ retry: } cleanup: +#ifdef LDAP_BACK_PROXY_AUTHZ + (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls ); +#endif /* LDAP_BACK_PROXY_AUTHZ */ + if ( result ) { ldap_msgfree( result ); }