rs->sr_ref = is_entry_referral( e )
? get_entry_referrals( op, e )
: NULL;
- if (rs->sr_ref)
+ if (rs->sr_ref) {
rs->sr_matched = ch_strdup( e->e_name.bv_val );
+ rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
+ }
bdb_cache_return_entry_r( bdb->bi_dbenv, &bdb->bi_cache, e, &lock );
e = NULL;
if ( rs->sr_ref != NULL ) {
rs->sr_err = LDAP_REFERRAL;
send_ldap_result( op, rs );
- free( (char *)rs->sr_matched );
ber_bvarray_free( rs->sr_ref );
rs->sr_ref = NULL;
- rs->sr_matched = NULL;
} else {
rs->sr_err = LDAP_INVALID_CREDENTIALS;
send_ldap_result( op, rs );
if( rs->sr_ref != NULL ) {
rs->sr_err = LDAP_REFERRAL;
+ rs->sr_matched = ch_strdup( e->e_name.bv_val );
+ rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
} else {
rs->sr_err = LDAP_INVALID_CREDENTIALS;
}
if ( (e = dn2entry_r( op->o_bd, &op->o_req_ndn, &matched )) == NULL ) {
if( matched != NULL ) {
rs->sr_matched = ch_strdup( matched->e_dn );
+ rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
rs->sr_ref = is_entry_referral( matched )
? get_entry_referrals( op, matched )
send_ldap_result( op, rs );
if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
- if ( rs->sr_matched ) free( (char *)rs->sr_matched );
rs->sr_ref = NULL;
- rs->sr_matched = NULL;
return rs->sr_err;
}
- ber_dupbv( &op->oq_bind.rb_edn, &e->e_name );
-
/* check for deleted */
#ifdef LDBM_SUBENTRIES
if ( is_entry_subentry( e ) ) {
Debug( LDAP_DEBUG_TRACE,
"entry is subentry\n", 0, 0, 0 );
#endif
- rs->sr_err = LDAP_INVALID_CREDENTIALS;
- send_ldap_result( op, rs );
rc = LDAP_INVALID_CREDENTIALS;
goto return_results;
}
Debug( LDAP_DEBUG_TRACE, "entry is alias\n", 0,
0, 0 );
#endif
-
-
- send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
- "entry is alias" );
-
+ rs->sr_text = "entry is alias";
rc = LDAP_ALIAS_PROBLEM;
goto return_results;
}
if( rs->sr_ref != NULL ) {
- rs->sr_err = LDAP_REFERRAL;
- rs->sr_matched = e->e_name.bv_val;
+ rc = LDAP_REFERRAL;
+ rs->sr_matched = ch_strdup( e->e_name.bv_val );
+ rs->sr_flags |= REP_MATCHED_MUSTBEFREED;
} else {
- rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ rc = LDAP_INVALID_CREDENTIALS;
}
- send_ldap_result( op, rs );
-
- ber_bvarray_free( rs->sr_ref );
- rs->sr_matched = NULL;
- rs->sr_ref = NULL;
- rc = rs->sr_err;
goto return_results;
}
if ( ! access_allowed( op, e,
password, NULL, ACL_AUTH, NULL ) )
{
- send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
rc = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
if ( (a = attr_find( e->e_attrs, password )) == NULL ) {
- send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL );
-
/* stop front end from sending result */
rc = LDAP_INAPPROPRIATE_AUTH;
goto return_results;
}
if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred, &rs->sr_text ) != 0 ) {
- send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL );
/* stop front end from sending result */
rc = LDAP_INVALID_CREDENTIALS;
goto return_results;
#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
case LDAP_AUTH_KRBV41:
if ( krbv4_ldap_auth( op->o_bd, &op->oq_bind.rb_cred, &ad ) != LDAP_SUCCESS ) {
- send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL );
rc = LDAP_INVALID_CREDENTIALS;
goto return_results;
}
if ( ! access_allowed( op, e,
krbattr, NULL, ACL_AUTH, NULL ) )
{
- send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
- NULL );
rc = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
rc = 0;
break;
}
- send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL );
rc = LDAP_INAPPROPRIATE_AUTH;
goto return_results;
krbval.bv_len = strlen( krbname );
if ( value_find( a->a_desc, a->a_vals, &krbval ) != 0 ) {
- send_ldap_error( op, rs,
- LDAP_INVALID_CREDENTIALS, NULL );
rc = LDAP_INVALID_CREDENTIALS;
goto return_results;
}
break;
case LDAP_AUTH_KRBV42:
- send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
- "Kerberos bind step 2 not supported" );
+ rs->sr_text = "Kerberos bind step 2 not supported";
/* stop front end from sending result */
rc = LDAP_UNWILLING_TO_PERFORM;
goto return_results;
#endif
default:
- send_ldap_error( op, rs, LDAP_STRONG_AUTH_NOT_SUPPORTED,
- "authentication method not supported" );
+ rs->sr_text = "authentication method not supported";
rc = LDAP_STRONG_AUTH_NOT_SUPPORTED;
goto return_results;
}
+ ber_dupbv( &op->oq_bind.rb_edn, &e->e_name );
+
return_results:;
/* free entry and reader lock */
cache_return_entry_r( &li->li_cache, e );
ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
+ if ( rc ) {
+ rs->sr_err = rc;
+ send_ldap_result( op, rs );
+ if ( rs->sr_ref ) {
+ ber_bvarray_free( rs->sr_ref );
+ rs->sr_ref = NULL;
+ }
+ }
+
/* front end will send result on success (rc==0) */
return( rc );
}
char buf[ BACKMONITOR_BUFSIZE ];
int j;
slap_overinfo *oi = NULL;
+ BackendInfo *bi;
be = &backendDB[i];
+ bi = be->bd_info;
+
if ( strcmp( be->bd_info->bi_type, "over" ) == 0 ) {
oi = (slap_overinfo *)be->bd_info;
-
- be = &oi->oi_bd;
+ bi = oi->oi_orig;
}
/* Subordinates are not exposed as their own naming context */
mi->mi_oc_monitoredObject->soc_cname.bv_val,
i,
mi->mi_ad_monitoredInfo->ad_cname.bv_val,
- be->bd_info->bi_type,
+ bi->bi_type,
mi->mi_startTime.bv_val,
mi->mi_startTime.bv_val );
}
#if defined(SLAPD_LDAP)
- if ( strcmp( be->bd_info->bi_type, "ldap" ) == 0 ) {
+ if ( strcmp( bi->bi_type, "ldap" ) == 0 ) {
struct ldapinfo *li = (struct ldapinfo *)be->be_private;
struct berval bv;
#endif /* defined(SLAPD_LDAP) */
for ( j = nBackendInfo; j--; ) {
- if ( backendInfo[ j ].bi_type == be->bd_info->bi_type ) {
+ if ( backendInfo[ j ].bi_type == bi->bi_type ) {
struct berval bv;
snprintf( buf, sizeof( buf ),
{
slap_overinfo *oi = (slap_overinfo *) be->bd_info;
slap_overinst *on = oi->oi_list;
- BackendDB bd;
BI_db_open **func;
int rc = 0;
- func = &oi->oi_bd.bd_info->bi_db_open;
+ func = &oi->oi_orig->bi_db_open;
if ( func[which] ) {
- rc = func[which]( &oi->oi_bd );
- if ( rc ) return rc;
+ be->bd_info = oi->oi_orig;
+ rc = func[which]( be );
}
- bd = *be;
- for (; on; on=on->on_next) {
- bd.bd_info = &on->on_bi;
+ for (; on && rc == 0; on=on->on_next) {
+ be->bd_info = &on->on_bi;
func = &on->on_bi.bi_db_open;
if (func[which]) {
- rc = func[which]( &bd );
- if ( rc ) break;
+ rc = func[which]( be );
}
}
+ be->bd_info = (BackendInfo *)oi;
return rc;
}
{
slap_overinfo *oi = (slap_overinfo *) be->bd_info;
slap_overinst *on = oi->oi_list;
- BackendDB bd;
int rc = 0;
- if ( oi->oi_bd.bd_info->bi_db_config ) {
- rc = oi->oi_bd.bd_info->bi_db_config( &oi->oi_bd, fname, lineno,
+ if ( oi->oi_orig->bi_db_config ) {
+ be->bd_info = oi->oi_orig;
+ rc = oi->oi_orig->bi_db_config( be, fname, lineno,
argc, argv );
+ be->bd_info = (BackendInfo *)oi;
if ( rc != SLAP_CONF_UNKNOWN ) return rc;
}
- bd = *be;
for (; on; on=on->on_next) {
- bd.bd_info = &on->on_bi;
if (on->on_bi.bi_db_config) {
- rc = on->on_bi.bi_db_config( &bd, fname, lineno,
+ be->bd_info = &on->on_bi;
+ rc = on->on_bi.bi_db_config( be, fname, lineno,
argc, argv );
if ( rc != SLAP_CONF_UNKNOWN ) break;
}
}
+ be->bd_info = (BackendInfo *)oi;
return rc;
}
}
op->o_bd = be;
- func = &oi->oi_bd.bd_info->bi_op_bind;
+ func = &oi->oi_orig->bi_op_bind;
if ( func[which] && rc == SLAP_CB_CONTINUE ) {
rc = func[which]( op, rs );
}
*/
if ( be->bd_info->bi_type != overtype ) {
oi = ch_malloc( sizeof(slap_overinfo) );
- oi->oi_bd = *be;
+ oi->oi_orig = be->bd_info;
oi->oi_bi = *be->bd_info;
oi->oi_list = NULL;
bi = (BackendInfo *)oi;
--- /dev/null
+This directory contains a number of SLAPD overlays, some
+project-maintained, some not. Some are generally usable,
+others are purely experimental.
+
if( ndn->bv_val ) {
o->o_tmpfree(ndn->bv_val, o->o_tmpmemctx);
ndn->bv_val = NULL;
+ ndn->bv_len = 0;
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, DETAIL1,
case LDAP_SCOPE_ONELEVEL:
case LDAP_SCOPE_SUBTREE:
+#ifdef LDAP_SCOPE_SUBORDINATE
+ case LDAP_SCOPE_SUBORDINATE:
+#endif
/* do a search */
break;
AttributeDescription *si_ad_dseType;
AttributeDescription *si_ad_syncreplCookie;
+ AttributeDescription *si_ad_syncTimestamp;
AttributeDescription *si_ad_contextCSN;
/* root DSE attribute descriptions */
#define SLAPD_FILTER_COMPUTED ((ber_tag_t) -1)
#define SLAPD_FILTER_DN_ONE ((ber_tag_t) -2)
#define SLAPD_FILTER_DN_SUBTREE ((ber_tag_t) -3)
+#ifdef LDAP_SCOPE_SUBORDINATE
+#define SLAPD_FILTER_DN_CHILDREN ((ber_tag_t) -4)
+#endif
union f_un_u {
/* precomputed result */
typedef struct slap_overinfo {
BackendInfo oi_bi;
- BackendDB oi_bd;
- slap_overinst *oi_list;
+ BackendInfo *oi_orig;
+ struct slap_overinst *oi_list;
} slap_overinfo;
/* Should successive callbacks in a chain be processed? */