openldap/servers/slapd/back-ldbm/bind.c

/* bind.c - ldbm backend bind and unbind routines */

#include "portable.h"

#include <stdio.h>

#include <ac/krb.h>
#include <ac/socket.h>
#include <ac/string.h>
#include <ac/unistd.h>

#include "slap.h"
#include "back-ldbm.h"
#include "proto-back-ldbm.h"

#include <lutil.h>

#ifdef HAVE_KERBEROS
extern int	krbv4_ldap_auth();
#endif

static int
crypted_value_find(
	struct berval       **vals,
	struct berval       *v,
	int                 syntax,
	int                 normalize,
	struct berval		*cred
)
{
	int     i;
	for ( i = 0; vals[i] != NULL; i++ ) {
		if ( syntax != SYNTAX_BIN ) {
			int result;

#ifdef SLAPD_CRYPT
			ldap_pvt_thread_mutex_lock( &crypt_mutex );
#endif

			result = lutil_passwd(
				(char*) cred->bv_val,
				(char*) vals[i]->bv_val);

#ifdef SLAPD_CRYPT
			ldap_pvt_thread_mutex_unlock( &crypt_mutex );
#endif

			return result;

		} else {
                if ( value_cmp( vals[i], v, syntax, normalize ) == 0 ) {
                        return( 0 );
                }
        }
	}

	return( 1 );
}

int
ldbm_back_bind(
    Backend		*be,
    Connection		*conn,
    Operation		*op,
    char		*dn,
    int			method,
    struct berval	*cred,
	char**	edn
)
{
	struct ldbminfo	*li = (struct ldbminfo *) be->be_private;
	Entry		*e;
	Attribute	*a;
	int		rc;
	char		*matched;
#ifdef HAVE_KERBEROS
	char		krbname[MAX_K_NAME_SZ + 1];
	AUTH_DAT	ad;
#endif

	Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", dn, 0, 0);

	*edn = NULL;

	/* get entry with reader lock */
	if ( (e = dn2entry_r( be, dn, &matched )) == NULL ) {
		/* allow noauth binds */
		if ( method == LDAP_AUTH_SIMPLE && cred->bv_len == 0 ) {
			/*
			 * bind successful, but return 1 so we don't
			 * authorize based on noauth credentials
			 */
			send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );
			rc = 1;
		} else if ( be_isroot_pw( be, dn, cred ) ) {
			/* front end will send result */
			*edn = ch_strdup( be_root_dn( be ) );
			rc = 0;
		} else {
			send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched, NULL );
			rc = 1;
		}
		if ( matched != NULL ) {
			free( matched );
		}
		return( rc );
	}

	*edn = ch_strdup( e->e_dn );

	/* check for deleted */

	switch ( method ) {
	case LDAP_AUTH_SIMPLE:
		if ( cred->bv_len == 0 ) {
			send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );

			/* stop front end from sending result */
			rc = 1;
			goto return_results;
		} else if ( be_isroot_pw( be, dn, cred ) ) {
			/* front end will send result */
			*edn = ch_strdup( be_root_dn( be ) );
			rc = 0;
			goto return_results;
		}

		if ( (a = attr_find( e->e_attrs, "userpassword" )) == NULL ) {
			if ( be_isroot_pw( be, dn, cred ) ) {
				/* front end will send result */
				*edn = ch_strdup( be_root_dn( be ) );
				rc = 0;
				goto return_results;
			}
			send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH,
			    NULL, NULL );
			rc = 1;
			goto return_results;
		}

		if ( crypted_value_find( a->a_vals, cred, a->a_syntax, 0, cred ) != 0 )
		{
			if ( be_isroot_pw( be, dn, cred ) ) {
				/* front end will send result */
				*edn = ch_strdup( be_root_dn( be ) );
				rc = 0;
				goto return_results;
			}
			send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
				NULL, NULL );
			rc = 1;
			goto return_results;
		}
		rc = 0;
		break;

#ifdef HAVE_KERBEROS
	case LDAP_AUTH_KRBV41:
		if ( krbv4_ldap_auth( be, cred, &ad ) != LDAP_SUCCESS ) {
			send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,
			    NULL, NULL );
			rc = 0;
			goto return_results;
		}
		sprintf( krbname, "%s%s%s@%s", ad.pname, *ad.pinst ? "."
		    : "", ad.pinst, ad.prealm );
		if ( (a = attr_find( e->e_attrs, "krbname" )) == NULL ) {
			/*
			 * no krbName values present:  check against DN
			 */
			if ( strcasecmp( dn, krbname ) == 0 ) {
				rc = 0; /* XXX wild ass guess */
				break;
			}
			send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH,
			    NULL, NULL );
			rc = 1;
			goto return_results;
		} else {	/* look for krbName match */
			struct berval	krbval;

			krbval.bv_val = krbname;
			krbval.bv_len = strlen( krbname );

			if ( value_find( a->a_vals, &krbval, a->a_syntax, 3 ) != 0 ) {
				send_ldap_result( conn, op,
				    LDAP_INVALID_CREDENTIALS, NULL, NULL );
				rc = 1;
				goto return_results;
			}
		}
		rc = 0;
		break;

	case LDAP_AUTH_KRBV42:
		send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );
		/* stop front end from sending result */
		rc = 1;
		goto return_results;
#endif

	default:
		send_ldap_result( conn, op, LDAP_STRONG_AUTH_NOT_SUPPORTED,
		    NULL, "auth method not supported" );
		rc = 1;
		goto return_results;
	}

return_results:;
	/* free entry and reader lock */
	cache_return_entry_r( &li->li_cache, e );

	/* front end with send result on success (rc==0) */
	return( rc );
}
Initial revision 1998-08-09 08:43:13 +08:00			`/* bind.c - ldbm backend bind and unbind routines */`

merged with autoconf branch 1998-10-25 09:41:42 +08:00			`#include "portable.h"`

Initial revision 1998-08-09 08:43:13 +08:00			`#include <stdio.h>`
merged with autoconf branch 1998-10-25 09:41:42 +08:00
			`#include <ac/krb.h>`
			`#include <ac/socket.h>`
			`#include <ac/string.h>`
			`#include <ac/unistd.h>`

Initial revision 1998-08-09 08:43:13 +08:00			`#include "slap.h"`
			`#include "back-ldbm.h"`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`#include "proto-back-ldbm.h"`
LDAPworldP20: Patch for comparing crypt()ed passwords (#ifdef LDAP_CRYPT) 1998-08-09 11:34:35 +08:00
Add basic support for MD5 and SHA1 passwords. SHA1 support is contributed by Daniel J. Gregor <dj@gregor.com> MD5 support is contributed by me <kurt@OpenLDAP.org> Uses public domain MD5 routines Uses ISC/IBM freely redistributable Base64 routines SHA1 support requires external SHA1 routines 1998-09-03 05:31:35 +08:00			`#include <lutil.h>`

merged with autoconf branch 1998-10-25 09:41:42 +08:00			`#ifdef HAVE_KERBEROS`
Initial revision 1998-08-09 08:43:13 +08:00			`extern int krbv4_ldap_auth();`
			`#endif`

LDAPworldP20: Patch for comparing crypt()ed passwords (#ifdef LDAP_CRYPT) 1998-08-09 11:34:35 +08:00			`static int`
			`crypted_value_find(`
			`struct berval **vals,`
			`struct berval *v,`
			`int syntax,`
			`int normalize,`
			`struct berval *cred`
			`)`
			`{`
			`int i;`
			`for ( i = 0; vals[i] != NULL; i++ ) {`
Update slapd to use lutil_passwd() for both user and root passwords. Remove MD5 and SHA1 options (both are now always on). Rename functions to be lutil_ instead of ldap_. Create --enable-cleartext option. Default is currently 'on'. 1998-12-01 11:36:37 +08:00			`if ( syntax != SYNTAX_BIN ) {`
			`int result;`

Fix --disable-crypt and --disable-cleartext mutex declaration should be moved from slapd/main.c to slapd/init.c so we don't have ripple changes through slapd/tools. 1998-12-30 05:45:08 +08:00			`#ifdef SLAPD_CRYPT`
Use -lldap_r instead of -lldap -lthread. Likely broke things for non-posix threadings.... Update -lldap_r implementation to: remove attribute support hide thread detachment provide concurrency accessors provide initialization function fix gethostby{addr,name}_r codes (not coverred by HAVE_REENTRANT_FUNCTIONS) Update servers/libraries to use ldap_pvt_thread_ calls. Cleanup server codes (no #ifdef HAVE_PTHREAD_THIS or _THATs)! Removed -llthread 1999-01-28 12:34:55 +08:00			`ldap_pvt_thread_mutex_lock( &crypt_mutex );`
Fix --disable-crypt and --disable-cleartext mutex declaration should be moved from slapd/main.c to slapd/init.c so we don't have ripple changes through slapd/tools. 1998-12-30 05:45:08 +08:00			`#endif`
Update slapd to use lutil_passwd() for both user and root passwords. Remove MD5 and SHA1 options (both are now always on). Rename functions to be lutil_ instead of ldap_. Create --enable-cleartext option. Default is currently 'on'. 1998-12-01 11:36:37 +08:00
			`result = lutil_passwd(`
			`(char*) cred->bv_val,`
			`(char*) vals[i]->bv_val);`

Fix --disable-crypt and --disable-cleartext mutex declaration should be moved from slapd/main.c to slapd/init.c so we don't have ripple changes through slapd/tools. 1998-12-30 05:45:08 +08:00			`#ifdef SLAPD_CRYPT`
Use -lldap_r instead of -lldap -lthread. Likely broke things for non-posix threadings.... Update -lldap_r implementation to: remove attribute support hide thread detachment provide concurrency accessors provide initialization function fix gethostby{addr,name}_r codes (not coverred by HAVE_REENTRANT_FUNCTIONS) Update servers/libraries to use ldap_pvt_thread_ calls. Cleanup server codes (no #ifdef HAVE_PTHREAD_THIS or _THATs)! Removed -llthread 1999-01-28 12:34:55 +08:00			`ldap_pvt_thread_mutex_unlock( &crypt_mutex );`
Fix --disable-crypt and --disable-cleartext mutex declaration should be moved from slapd/main.c to slapd/init.c so we don't have ripple changes through slapd/tools. 1998-12-30 05:45:08 +08:00			`#endif`
Update slapd to use lutil_passwd() for both user and root passwords. Remove MD5 and SHA1 options (both are now always on). Rename functions to be lutil_ instead of ldap_. Create --enable-cleartext option. Default is currently 'on'. 1998-12-01 11:36:37 +08:00
			`return result;`

LDAPworldP20: Patch for comparing crypt()ed passwords (#ifdef LDAP_CRYPT) 1998-08-09 11:34:35 +08:00			`} else {`
			`if ( value_cmp( vals[i], v, syntax, normalize ) == 0 ) {`
			`return( 0 );`
			`}`
			`}`
			`}`

			`return( 1 );`
			`}`

Initial revision 1998-08-09 08:43:13 +08:00			`int`
			`ldbm_back_bind(`
			`Backend *be,`
			`Connection *conn,`
			`Operation *op,`
			`char *dn,`
			`int method,`
Update slap_conn to maintain client provided dn and bound dn. Update slap_op to maintain dn and ndn (derived from conn->c_dn). Update ldbm_back_bind to return actual bound dn (including rootdn) for use in slapd_conn. Other backends use client dn. Modify other codes to use ndn (normalized uppercase dn) most everywhere. Aliasing, Suffixing and modrdn could use more work. Applied suffixing to compare and modrdn. 1999-01-19 13:10:50 +08:00			`struct berval *cred,`
			`char** edn`
Initial revision 1998-08-09 08:43:13 +08:00			`)`
			`{`
			`struct ldbminfo li = (struct ldbminfo ) be->be_private;`
			`Entry *e;`
			`Attribute *a;`
			`int rc;`
Changed dn2entry to always returned a modified matched. Modified users of this code to free matched if set. 1998-11-24 04:08:25 +08:00			`char *matched;`
merged with autoconf branch 1998-10-25 09:41:42 +08:00			`#ifdef HAVE_KERBEROS`
Initial revision 1998-08-09 08:43:13 +08:00			`char krbname[MAX_K_NAME_SZ + 1];`
			`AUTH_DAT ad;`
			`#endif`

Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", dn, 0, 0);`

Update slap_conn to maintain client provided dn and bound dn. Update slap_op to maintain dn and ndn (derived from conn->c_dn). Update ldbm_back_bind to return actual bound dn (including rootdn) for use in slapd_conn. Other backends use client dn. Modify other codes to use ndn (normalized uppercase dn) most everywhere. Aliasing, Suffixing and modrdn could use more work. Applied suffixing to compare and modrdn. 1999-01-19 13:10:50 +08:00			`*edn = NULL;`

Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`/* get entry with reader lock */`
			`if ( (e = dn2entry_r( be, dn, &matched )) == NULL ) {`
Initial revision 1998-08-09 08:43:13 +08:00			`/* allow noauth binds */`
			`if ( method == LDAP_AUTH_SIMPLE && cred->bv_len == 0 ) {`
			`/*`
			`* bind successful, but return 1 so we don't`
			`* authorize based on noauth credentials`
			`*/`
			`send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );`
			`rc = 1;`
			`} else if ( be_isroot_pw( be, dn, cred ) ) {`
			`/* front end will send result */`
Update slap_conn to maintain client provided dn and bound dn. Update slap_op to maintain dn and ndn (derived from conn->c_dn). Update ldbm_back_bind to return actual bound dn (including rootdn) for use in slapd_conn. Other backends use client dn. Modify other codes to use ndn (normalized uppercase dn) most everywhere. Aliasing, Suffixing and modrdn could use more work. Applied suffixing to compare and modrdn. 1999-01-19 13:10:50 +08:00			`*edn = ch_strdup( be_root_dn( be ) );`
Initial revision 1998-08-09 08:43:13 +08:00			`rc = 0;`
			`} else {`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`send_ldap_result( conn, op, LDAP_NO_SUCH_OBJECT, matched, NULL );`
Initial revision 1998-08-09 08:43:13 +08:00			`rc = 1;`
			`}`
			`if ( matched != NULL ) {`
			`free( matched );`
			`}`
			`return( rc );`
			`}`

Update slap_conn to maintain client provided dn and bound dn. Update slap_op to maintain dn and ndn (derived from conn->c_dn). Update ldbm_back_bind to return actual bound dn (including rootdn) for use in slapd_conn. Other backends use client dn. Modify other codes to use ndn (normalized uppercase dn) most everywhere. Aliasing, Suffixing and modrdn could use more work. Applied suffixing to compare and modrdn. 1999-01-19 13:10:50 +08:00			`*edn = ch_strdup( e->e_dn );`

Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`/* check for deleted */`

Initial revision 1998-08-09 08:43:13 +08:00			`switch ( method ) {`
			`case LDAP_AUTH_SIMPLE:`
			`if ( cred->bv_len == 0 ) {`
			`send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00
			`/* stop front end from sending result */`
			`rc = 1;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`} else if ( be_isroot_pw( be, dn, cred ) ) {`
			`/* front end will send result */`
Update slap_conn to maintain client provided dn and bound dn. Update slap_op to maintain dn and ndn (derived from conn->c_dn). Update ldbm_back_bind to return actual bound dn (including rootdn) for use in slapd_conn. Other backends use client dn. Modify other codes to use ndn (normalized uppercase dn) most everywhere. Aliasing, Suffixing and modrdn could use more work. Applied suffixing to compare and modrdn. 1999-01-19 13:10:50 +08:00			`*edn = ch_strdup( be_root_dn( be ) );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 0;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`}`

			`if ( (a = attr_find( e->e_attrs, "userpassword" )) == NULL ) {`
			`if ( be_isroot_pw( be, dn, cred ) ) {`
			`/* front end will send result */`
Update slap_conn to maintain client provided dn and bound dn. Update slap_op to maintain dn and ndn (derived from conn->c_dn). Update ldbm_back_bind to return actual bound dn (including rootdn) for use in slapd_conn. Other backends use client dn. Modify other codes to use ndn (normalized uppercase dn) most everywhere. Aliasing, Suffixing and modrdn could use more work. Applied suffixing to compare and modrdn. 1999-01-19 13:10:50 +08:00			`*edn = ch_strdup( be_root_dn( be ) );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 0;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`}`
			`send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH,`
			`NULL, NULL );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 1;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`}`

LDAPworldP20: Patch for comparing crypt()ed passwords (#ifdef LDAP_CRYPT) 1998-08-09 11:34:35 +08:00			`if ( crypted_value_find( a->a_vals, cred, a->a_syntax, 0, cred ) != 0 )`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`{`
Initial revision 1998-08-09 08:43:13 +08:00			`if ( be_isroot_pw( be, dn, cred ) ) {`
			`/* front end will send result */`
Update slap_conn to maintain client provided dn and bound dn. Update slap_op to maintain dn and ndn (derived from conn->c_dn). Update ldbm_back_bind to return actual bound dn (including rootdn) for use in slapd_conn. Other backends use client dn. Modify other codes to use ndn (normalized uppercase dn) most everywhere. Aliasing, Suffixing and modrdn could use more work. Applied suffixing to compare and modrdn. 1999-01-19 13:10:50 +08:00			`*edn = ch_strdup( be_root_dn( be ) );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 0;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`}`
			`send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,`
LDAPworldP20: Patch for comparing crypt()ed passwords (#ifdef LDAP_CRYPT) 1998-08-09 11:34:35 +08:00			`NULL, NULL );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 1;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`}`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 0;`
Initial revision 1998-08-09 08:43:13 +08:00			`break;`

merged with autoconf branch 1998-10-25 09:41:42 +08:00			`#ifdef HAVE_KERBEROS`
Initial revision 1998-08-09 08:43:13 +08:00			`case LDAP_AUTH_KRBV41:`
			`if ( krbv4_ldap_auth( be, cred, &ad ) != LDAP_SUCCESS ) {`
			`send_ldap_result( conn, op, LDAP_INVALID_CREDENTIALS,`
			`NULL, NULL );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 0;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`}`
			`sprintf( krbname, "%s%s%s@%s", ad.pname, *ad.pinst ? "."`
			`: "", ad.pinst, ad.prealm );`
			`if ( (a = attr_find( e->e_attrs, "krbname" )) == NULL ) {`
			`/*`
			`* no krbName values present: check against DN`
			`*/`
			`if ( strcasecmp( dn, krbname ) == 0 ) {`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 0; /* XXX wild ass guess */`
Initial revision 1998-08-09 08:43:13 +08:00			`break;`
			`}`
			`send_ldap_result( conn, op, LDAP_INAPPROPRIATE_AUTH,`
			`NULL, NULL );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 1;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`} else { /* look for krbName match */`
			`struct berval krbval;`

			`krbval.bv_val = krbname;`
			`krbval.bv_len = strlen( krbname );`

Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`if ( value_find( a->a_vals, &krbval, a->a_syntax, 3 ) != 0 ) {`
Initial revision 1998-08-09 08:43:13 +08:00			`send_ldap_result( conn, op,`
			`LDAP_INVALID_CREDENTIALS, NULL, NULL );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 1;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`}`
			`}`
Add rc=0 fix as suggested by Tobias Reber <t.reber@dkfz-heidelberg.de> in ITS#17. 1998-12-23 01:04:34 +08:00			`rc = 0;`
Initial revision 1998-08-09 08:43:13 +08:00			`break;`

			`case LDAP_AUTH_KRBV42:`
			`send_ldap_result( conn, op, LDAP_SUCCESS, NULL, NULL );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`/* stop front end from sending result */`
			`rc = 1;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`#endif`

			`default:`
			`send_ldap_result( conn, op, LDAP_STRONG_AUTH_NOT_SUPPORTED,`
			`NULL, "auth method not supported" );`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`rc = 1;`
			`goto return_results;`
Initial revision 1998-08-09 08:43:13 +08:00			`}`

Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`return_results:;`
			`/* free entry and reader lock */`
			`cache_return_entry_r( &li->li_cache, e );`
Initial revision 1998-08-09 08:43:13 +08:00
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00			`/* front end with send result on success (rc==0) */`
			`return( rc );`
Initial revision 1998-08-09 08:43:13 +08:00			`}`
Merged in per cache entry reader/writer locks from OPENLDAP_DEVEL_THREAD 1998-09-21 04:22:46 +08:00