From f481ffef9c6beb970a61611803a0db9323b9c927 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Fri, 8 Feb 2008 02:01:17 +0000
Subject: [PATCH] ITS#5355 use bi_extra instead of calling directly into
 back-ldap

---
 servers/slapd/back-ldap/back-ldap.h |  6 ++++++
 servers/slapd/back-ldap/init.c      |  7 +++++++
 servers/slapd/back-meta/add.c       |  4 ++--
 servers/slapd/back-meta/back-meta.h |  3 +++
 servers/slapd/back-meta/bind.c      |  6 +++---
 servers/slapd/back-meta/compare.c   |  4 ++--
 servers/slapd/back-meta/delete.c    |  4 ++--
 servers/slapd/back-meta/init.c      | 10 ++++++++++
 servers/slapd/back-meta/modify.c    |  4 ++--
 servers/slapd/back-meta/modrdn.c    |  4 ++--
 servers/slapd/back-meta/search.c    |  4 ++--
 11 files changed, 41 insertions(+), 15 deletions(-)

diff --git a/servers/slapd/back-ldap/back-ldap.h b/servers/slapd/back-ldap/back-ldap.h
index 104ae675c9..9098d40841 100644
--- a/servers/slapd/back-ldap/back-ldap.h
+++ b/servers/slapd/back-ldap/back-ldap.h
@@ -424,6 +424,12 @@ typedef enum ldap_back_send_t {
 #define LDAP_BACK_PRINT_CONNTREE 0
 #endif /* !LDAP_BACK_PRINT_CONNTREE */
 
+typedef struct ldap_extra_t {
+	int (*proxy_authz_ctrl)( Operation *op, SlapReply *rs, struct berval *bound_ndn,
+		int version, slap_idassert_t *si, LDAPControl	*ctrl );
+	int (*controls_free)( Operation *op, SlapReply *rs, LDAPControl ***pctrls );
+} ldap_extra_t;
+
 LDAP_END_DECL
 
 #include "proto-ldap.h"
diff --git a/servers/slapd/back-ldap/init.c b/servers/slapd/back-ldap/init.c
index d202aab5a7..44012c81b7 100644
--- a/servers/slapd/back-ldap/init.c
+++ b/servers/slapd/back-ldap/init.c
@@ -32,6 +32,11 @@
 #include "config.h"
 #include "back-ldap.h"
 
+static const ldap_extra_t ldap_extra = {
+	ldap_back_proxy_authz_ctrl,
+	ldap_back_controls_free
+};
+
 int
 ldap_back_open( BackendInfo	*bi )
 {
@@ -83,6 +88,8 @@ ldap_back_initialize( BackendInfo *bi )
 	bi->bi_connection_init = 0;
 	bi->bi_connection_destroy = ldap_back_conn_destroy;
 
+	bi->bi_extra = (void *)&ldap_extra;
+
 	rc = chain_initialize();
 	if ( rc ) {
 		return rc;
diff --git a/servers/slapd/back-meta/add.c b/servers/slapd/back-meta/add.c
index 2697899635..bbe9f6a1eb 100644
--- a/servers/slapd/back-meta/add.c
+++ b/servers/slapd/back-meta/add.c
@@ -183,13 +183,13 @@ retry:;
 		do_retry = 0;
 		if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
 			/* if the identity changed, there might be need to re-authz */
-			(void)ldap_back_controls_free( op, rs, &ctrls );
+			(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 			goto retry;
 		}
 	}
 
 cleanup:;
-	(void)ldap_back_controls_free( op, rs, &ctrls );
+	(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 
 	for ( --i; i >= 0; --i ) {
 		free( attrs[ i ]->mod_bvalues );
diff --git a/servers/slapd/back-meta/back-meta.h b/servers/slapd/back-meta/back-meta.h
index 190180719c..16d952bcb6 100644
--- a/servers/slapd/back-meta/back-meta.h
+++ b/servers/slapd/back-meta/back-meta.h
@@ -397,6 +397,9 @@ typedef struct metainfo_t {
 	time_t			mi_idle_timeout;
 	struct timeval		mi_bind_timeout;
 	time_t			mi_timeout[ SLAP_OP_LAST ];
+
+	ldap_extra_t	*mi_ldap_extra;
+
 } metainfo_t;
 
 typedef enum meta_op_type {
diff --git a/servers/slapd/back-meta/bind.c b/servers/slapd/back-meta/bind.c
index 95ca3ff9e7..3f74836281 100644
--- a/servers/slapd/back-meta/bind.c
+++ b/servers/slapd/back-meta/bind.c
@@ -509,7 +509,7 @@ meta_back_single_bind(
 		ldap_pvt_thread_yield();
 	}
 
-	ldap_back_controls_free( op, rs, &ctrls );
+	mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 
 	meta_back_bind_op_result( op, rs, mc, candidate, msgid, LDAP_BACK_DONTSEND );
 	if ( rs->sr_err != LDAP_SUCCESS ) {
@@ -1553,7 +1553,7 @@ meta_back_proxy_authz_bind( metaconn_t *mc, int candidate, Operation *op, SlapRe
  *
  * if any needs to be added, it is prepended to existing ones,
  * in a newly allocated array.  The companion function
- * ldap_back_controls_free() must be used to restore the original
+ * mi->mi_ldap_extra->controls_free() must be used to restore the original
  * status of op->o_ctrls.
  */
 int
@@ -1595,7 +1595,7 @@ meta_back_controls_add(
 	/* put controls that go __before__ existing ones here */
 
 	/* proxyAuthz for identity assertion */
-	switch ( ldap_back_proxy_authz_ctrl( op, rs, &msc->msc_bound_ndn,
+	switch ( mi->mi_ldap_extra->proxy_authz_ctrl( op, rs, &msc->msc_bound_ndn,
 		mt->mt_version, &mt->mt_idassert, &c[ j1 ] ) )
 	{
 	case SLAP_CB_CONTINUE:
diff --git a/servers/slapd/back-meta/compare.c b/servers/slapd/back-meta/compare.c
index 6a54801726..5fbb9fa928 100644
--- a/servers/slapd/back-meta/compare.c
+++ b/servers/slapd/back-meta/compare.c
@@ -129,13 +129,13 @@ retry:;
 		do_retry = 0;
 		if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
 			/* if the identity changed, there might be need to re-authz */
-			(void)ldap_back_controls_free( op, rs, &ctrls );
+			(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 			goto retry;
 		}
 	}
 
 cleanup:;
-	(void)ldap_back_controls_free( op, rs, &ctrls );
+	(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 
 	if ( mdn.bv_val != op->o_req_dn.bv_val ) {
 		free( mdn.bv_val );
diff --git a/servers/slapd/back-meta/delete.c b/servers/slapd/back-meta/delete.c
index 71391057fc..b3335a09c8 100644
--- a/servers/slapd/back-meta/delete.c
+++ b/servers/slapd/back-meta/delete.c
@@ -81,13 +81,13 @@ retry:;
 		do_retry = 0;
 		if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
 			/* if the identity changed, there might be need to re-authz */
-			(void)ldap_back_controls_free( op, rs, &ctrls );
+			(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 			goto retry;
 		}
 	}
 
 cleanup:;
-	(void)ldap_back_controls_free( op, rs, &ctrls );
+	(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 
 	if ( mdn.bv_val != op->o_req_dn.bv_val ) {
 		free( mdn.bv_val );
diff --git a/servers/slapd/back-meta/init.c b/servers/slapd/back-meta/init.c
index e5fe76f277..0c77c4c209 100644
--- a/servers/slapd/back-meta/init.c
+++ b/servers/slapd/back-meta/init.c
@@ -134,6 +134,7 @@ meta_back_db_open(
 	ConfigReply	*cr )
 {
 	metainfo_t	*mi = (metainfo_t *)be->be_private;
+	BackendInfo *bi;
 
 	int		i,
 			not_always = 0,
@@ -148,6 +149,15 @@ meta_back_db_open(
 		return 1;
 	}
 
+	bi = backend_info( "ldap" );
+	if ( !bi || !bi->bi_extra ) {
+		Debug( LDAP_DEBUG_ANY,
+			"meta_back_db_open: needs back-ldap\n",
+			0, 0, 0 );
+		return 1;
+	}
+	mi->mi_ldap_extra = (ldap_extra_t *)bi->bi_extra;
+
 	for ( i = 0; i < mi->mi_ntargets; i++ ) {
 		slap_bindconf	sb = { BER_BVNULL };
 		metatarget_t	*mt = mi->mi_targets[ i ];
diff --git a/servers/slapd/back-meta/modify.c b/servers/slapd/back-meta/modify.c
index 84cf5d6a47..e2c735b9f1 100644
--- a/servers/slapd/back-meta/modify.c
+++ b/servers/slapd/back-meta/modify.c
@@ -192,13 +192,13 @@ retry:;
 		do_retry = 0;
 		if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
 			/* if the identity changed, there might be need to re-authz */
-			(void)ldap_back_controls_free( op, rs, &ctrls );
+			(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 			goto retry;
 		}
 	}
 
 cleanup:;
-	(void)ldap_back_controls_free( op, rs, &ctrls );
+	(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 
 	if ( mdn.bv_val != op->o_req_dn.bv_val ) {
 		free( mdn.bv_val );
diff --git a/servers/slapd/back-meta/modrdn.c b/servers/slapd/back-meta/modrdn.c
index 7938d7e9b9..117d7247ab 100644
--- a/servers/slapd/back-meta/modrdn.c
+++ b/servers/slapd/back-meta/modrdn.c
@@ -136,13 +136,13 @@ retry:;
 		do_retry = 0;
 		if ( meta_back_retry( op, rs, &mc, candidate, LDAP_BACK_SENDERR ) ) {
 			/* if the identity changed, there might be need to re-authz */
-			(void)ldap_back_controls_free( op, rs, &ctrls );
+			(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 			goto retry;
 		}
 	}
 
 cleanup:;
-	(void)ldap_back_controls_free( op, rs, &ctrls );
+	(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 
 	if ( mdn.bv_val != op->o_req_dn.bv_val ) {
 		free( mdn.bv_val );
diff --git a/servers/slapd/back-meta/search.c b/servers/slapd/back-meta/search.c
index 895020c6f0..70437ed6a1 100644
--- a/servers/slapd/back-meta/search.c
+++ b/servers/slapd/back-meta/search.c
@@ -624,7 +624,7 @@ retry:;
 		if ( nretries && meta_back_retry( op, rs, mcp, candidate, LDAP_BACK_DONTSEND ) ) {
 			nretries = 0;
 			/* if the identity changed, there might be need to re-authz */
-			(void)ldap_back_controls_free( op, rs, &ctrls );
+			(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 			goto retry;
 		}
 
@@ -641,7 +641,7 @@ retry:;
 	}
 
 done:;
-	(void)ldap_back_controls_free( op, rs, &ctrls );
+	(void)mi->mi_ldap_extra->controls_free( op, rs, &ctrls );
 
 	if ( mapped_attrs ) {
 		free( mapped_attrs );
-- 
2.39.5