mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
Fix config, chaining
This commit is contained in:
parent
09d05a57c2
commit
4c5de987cd
@ -40,32 +40,57 @@ ldap_chain_response( Operation *op, SlapReply *rs )
|
||||
{
|
||||
slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
|
||||
void *private = op->o_bd->be_private;
|
||||
slap_callback *sc = op->o_callback;
|
||||
LDAPControl **prev = op->o_ctrls;
|
||||
LDAPControl **ctrls, authz;
|
||||
LDAPControl **ctrls = NULL, authz;
|
||||
int i, nctrls, rc;
|
||||
int cache = op->o_do_not_cache;
|
||||
char *authzid = NULL;
|
||||
BerVarray ref;
|
||||
|
||||
if ( rs->sr_err != LDAP_REFERRAL )
|
||||
return SLAP_CB_CONTINUE;
|
||||
|
||||
op->o_bd->be_private = on->on_bi.bi_private;
|
||||
for (i=0; prev && prev[i]; i++);
|
||||
nctrls = i;
|
||||
/* currently we assume only one referral destination.
|
||||
* we'll have to parse this in the future.
|
||||
*/
|
||||
ref = rs->sr_ref;
|
||||
rs->sr_ref = NULL;
|
||||
|
||||
ctrls = op->o_tmpalloc((i+1)*sizeof(LDAPControl *), op->o_tmpmemctx);
|
||||
for (i=0; i <nctrls; i++)
|
||||
ctrls[i] = prev[i];
|
||||
ctrls[nctrls] = &authz;
|
||||
ctrls[nctrls+1] = NULL;
|
||||
authz.ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
|
||||
authz.ldctl_iscritical = 1;
|
||||
authz.ldctl_value = op->o_dn;
|
||||
op->o_bd->be_private = on->on_bi.bi_private;
|
||||
op->o_callback = NULL;
|
||||
|
||||
if ( op->o_tag != LDAP_REQ_BIND ) {
|
||||
for (i=0; prev && prev[i]; i++);
|
||||
nctrls = i;
|
||||
|
||||
/* Add an extra NULL slot */
|
||||
if (!prev) i++;
|
||||
|
||||
ctrls = op->o_tmpalloc((i+1)*sizeof(LDAPControl *),
|
||||
op->o_tmpmemctx);
|
||||
for (i=0; i <nctrls; i++)
|
||||
ctrls[i] = prev[i];
|
||||
ctrls[nctrls] = &authz;
|
||||
ctrls[nctrls+1] = NULL;
|
||||
authz.ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
|
||||
authz.ldctl_iscritical = 1;
|
||||
authz.ldctl_value = op->o_dn;
|
||||
if ( op->o_dn.bv_len ) {
|
||||
authzid = op->o_tmpalloc( op->o_dn.bv_len+4,
|
||||
op->o_tmpmemctx );
|
||||
strcpy(authzid, "dn: ");
|
||||
strcpy(authzid+4, op->o_dn.bv_val);
|
||||
authz.ldctl_value.bv_len = op->o_dn.bv_len + 4;
|
||||
authz.ldctl_value.bv_val = authzid;
|
||||
}
|
||||
op->o_ctrls = ctrls;
|
||||
}
|
||||
|
||||
/* Chaining is performed by a privileged user on behalf
|
||||
* of a normal user
|
||||
*/
|
||||
op->o_do_not_cache = 1;
|
||||
op->o_ctrls = ctrls;
|
||||
|
||||
switch( op->o_tag ) {
|
||||
case LDAP_REQ_BIND:
|
||||
@ -99,7 +124,10 @@ ldap_chain_response( Operation *op, SlapReply *rs )
|
||||
op->o_do_not_cache = cache;
|
||||
op->o_ctrls = prev;
|
||||
op->o_bd->be_private = private;
|
||||
op->o_tmpfree( ctrls, op->o_tmpmemctx );
|
||||
op->o_callback = sc;
|
||||
if ( ctrls ) op->o_tmpfree( ctrls, op->o_tmpmemctx );
|
||||
if ( authzid ) op->o_tmpfree( authzid, op->o_tmpmemctx );
|
||||
rs->sr_ref = ref;
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
@ -37,7 +37,7 @@ over_db_func(
|
||||
BI_db_open **func;
|
||||
int rc = 0;
|
||||
|
||||
func = &oi->oi_bi.bi_db_open;
|
||||
func = &oi->oi_bd.bd_info->bi_db_open;
|
||||
if ( func[which] ) {
|
||||
rc = func[which]( &oi->oi_bd );
|
||||
if ( rc ) return rc;
|
||||
@ -69,8 +69,8 @@ over_db_config(
|
||||
BackendDB bd;
|
||||
int rc = 0;
|
||||
|
||||
if ( oi->oi_bi.bi_db_config ) {
|
||||
rc = oi->oi_bi.bi_db_config( &oi->oi_bd, fname, lineno,
|
||||
if ( oi->oi_bd.bd_info->bi_db_config ) {
|
||||
rc = oi->oi_bd.bd_info->bi_db_config( &oi->oi_bd, fname, lineno,
|
||||
argc, argv );
|
||||
if ( rc ) return rc;
|
||||
}
|
||||
@ -179,7 +179,7 @@ over_op_func(
|
||||
}
|
||||
}
|
||||
|
||||
func = &oi->oi_bi.bi_op_bind;
|
||||
func = &oi->oi_bd.bd_info->bi_op_bind;
|
||||
if ( func[which] ) {
|
||||
rc = func[which]( op, rs );
|
||||
}
|
||||
|
@ -935,8 +935,8 @@ read_config( const char *fname, int depth )
|
||||
#endif
|
||||
return 1;
|
||||
|
||||
} else {
|
||||
return overlay_config( be, cargv[1] );
|
||||
} else if ( overlay_config( be, cargv[1] )) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* set database suffix */
|
||||
|
Loading…
Reference in New Issue
Block a user