From: Howard Chu Date: Wed, 26 Feb 2003 12:49:21 +0000 (+0000) Subject: Only check opinfo.boi_err when ACL check failed. X-Git-Tag: NO_SLAP_OP_BLOCKS~282 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=d7aac0a9d5520066ee987d16377eb580b2385411;p=openldap Only check opinfo.boi_err when ACL check failed. --- diff --git a/servers/slapd/back-bdb/add.c b/servers/slapd/back-bdb/add.c index 20aa3193db..b7c47dadb4 100644 --- a/servers/slapd/back-bdb/add.c +++ b/servers/slapd/back-bdb/add.c @@ -218,13 +218,13 @@ retry: /* transaction retry */ rc = access_allowed( be, conn, op, p, children, NULL, ACL_WRITE, NULL ); - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if ( ! rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "bdb_add: no write access to parent\n", 0, 0, 0 ); @@ -318,13 +318,13 @@ retry: /* transaction retry */ p = NULL; - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if ( ! rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "bdb_add: no write access to parent\n", 0, 0, 0 ); @@ -381,13 +381,13 @@ retry: /* transaction retry */ rc = access_allowed( be, conn, op, e, entry, NULL, ACL_WRITE, NULL ); - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if ( ! rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "bdb_add: no write access to entry\n", 0, 0, 0 ); diff --git a/servers/slapd/back-bdb/delete.c b/servers/slapd/back-bdb/delete.c index 3aff606e71..079b44081c 100644 --- a/servers/slapd/back-bdb/delete.c +++ b/servers/slapd/back-bdb/delete.c @@ -164,13 +164,13 @@ retry: /* transaction retry */ bdb_unlocked_cache_return_entry_r(&bdb->bi_cache, p); p = NULL; - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if ( !rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "<=- bdb_delete: no write access to parent\n", 0, 0, 0 ); @@ -197,13 +197,13 @@ retry: /* transaction retry */ p = NULL; - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if ( !rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "<=- bdb_delete: no access to parent\n", 0, 0, 0 ); @@ -300,13 +300,13 @@ retry: /* transaction retry */ rc = access_allowed( be, conn, op, e, entry, NULL, ACL_WRITE, NULL ); - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if ( !rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "<=- bdb_delete: no write access to entry\n", 0, 0, 0 ); diff --git a/servers/slapd/back-bdb/modify.c b/servers/slapd/back-bdb/modify.c index 98fc5edd90..167938a960 100644 --- a/servers/slapd/back-bdb/modify.c +++ b/servers/slapd/back-bdb/modify.c @@ -451,6 +451,9 @@ retry: /* transaction retry */ "bdb_modify: modify failed (%d)\n", rc, 0, 0 ); #endif + if ( (rc == LDAP_INSUFFICIENT_ACCESS) && opinfo.boi_err ) { + rc = opinfo.boi_err; + } switch( rc ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: diff --git a/servers/slapd/back-bdb/modrdn.c b/servers/slapd/back-bdb/modrdn.c index e3f054d1f5..27854b3a30 100644 --- a/servers/slapd/back-bdb/modrdn.c +++ b/servers/slapd/back-bdb/modrdn.c @@ -193,13 +193,13 @@ retry: /* transaction retry */ /* check write on old entry */ rc = access_allowed( be, conn, op, e, entry, NULL, ACL_WRITE, NULL ); - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if ( ! rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, "==>bdb_modrdn: no access to entry\n", 0, 0, 0 ); @@ -278,13 +278,13 @@ retry: /* transaction retry */ rc = access_allowed( be, conn, op, p, children, NULL, ACL_WRITE, NULL ); - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if ( ! rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + rc = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, @@ -334,15 +334,15 @@ retry: /* transaction retry */ rc = access_allowed( be, conn, op, p, children, NULL, ACL_WRITE, NULL ); - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - p = NULL; if ( ! rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + rc = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, @@ -481,13 +481,13 @@ retry: /* transaction retry */ rc = access_allowed( be, conn, op, np, children, NULL, ACL_WRITE, NULL ); - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - if( ! rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, DETAIL1, "==>bdb_modrdn: no wr to newSup children\n", 0, 0, 0 ); @@ -548,15 +548,15 @@ retry: /* transaction retry */ rc = access_allowed( be, conn, op, np, children, NULL, ACL_WRITE, NULL ); - switch( opinfo.boi_err ) { - case DB_LOCK_DEADLOCK: - case DB_LOCK_NOTGRANTED: - goto retry; - } - np = NULL; if ( ! rc ) { + switch( opinfo.boi_err ) { + case DB_LOCK_DEADLOCK: + case DB_LOCK_NOTGRANTED: + goto retry; + } + rc = LDAP_INSUFFICIENT_ACCESS; #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ERR, @@ -771,6 +771,9 @@ retry: /* transaction retry */ &text, textbuf, textlen ); if( rc != LDAP_SUCCESS ) { + if ( ( rc == LDAP_INSUFFICIENT_ACCESS ) && opinfo.boi_err ) { + rc = opinfo.boi_err; + } switch( rc ) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: diff --git a/servers/slapd/back-bdb/passwd.c b/servers/slapd/back-bdb/passwd.c index d258265e22..685a187cbd 100644 --- a/servers/slapd/back-bdb/passwd.c +++ b/servers/slapd/back-bdb/passwd.c @@ -227,6 +227,9 @@ retry: /* transaction retry */ rc = bdb_modify_internal( be, conn, op, ltid, &ml, e, text, textbuf, textlen ); + if ( (rc == LDAP_INSUFFICIENT_ACCESS) && opinfo.boi_err ) { + rc = opinfo.boi_err; + } switch(rc) { case DB_LOCK_DEADLOCK: case DB_LOCK_NOTGRANTED: