Home | History | Annotate | Line # | Download | only in back-monitor
compare.c revision 1.1.1.3 
      1 /*	$NetBSD: compare.c,v 1.1.1.3 2010/12/12 15:23:13 adam Exp $	*/
      2 
      3 /* compare.c - monitor backend compare routine */
      4 /* OpenLDAP: pkg/ldap/servers/slapd/back-monitor/compare.c,v 1.24.2.7 2010/04/13 20:23:32 kurt Exp */
      5 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
      6  *
      7  * Copyright 2001-2010 The OpenLDAP Foundation.
      8  * Portions Copyright 2001-2003 Pierangelo Masarati.
      9  * All rights reserved.
     10  *
     11  * Redistribution and use in source and binary forms, with or without
     12  * modification, are permitted only as authorized by the OpenLDAP
     13  * Public License.
     14  *
     15  * A copy of this license is available in file LICENSE in the
     16  * top-level directory of the distribution or, alternatively, at
     17  * <http://www.OpenLDAP.org/license.html>.
     18  */
     19 /* ACKNOWLEDGEMENTS:
     20  * This work was initially developed by Pierangelo Masarati for inclusion
     21  * in OpenLDAP Software.
     22  */
     23 
     24 #include "portable.h"
     25 
     26 #include <stdio.h>
     27 
     28 #include <slap.h>
     29 #include "back-monitor.h"
     30 
     31 int
     32 monitor_back_compare( Operation *op, SlapReply *rs )
     33 {
     34 	monitor_info_t	*mi = ( monitor_info_t * ) op->o_bd->be_private;
     35 	Entry           *e, *matched = NULL;
     36 	Attribute	*a;
     37 	int		rc;
     38 
     39 	/* get entry with reader lock */
     40 	monitor_cache_dn2entry( op, rs, &op->o_req_ndn, &e, &matched );
     41 	if ( e == NULL ) {
     42 		rs->sr_err = LDAP_NO_SUCH_OBJECT;
     43 		if ( matched ) {
     44 			if ( !access_allowed_mask( op, matched,
     45 					slap_schema.si_ad_entry,
     46 					NULL, ACL_DISCLOSE, NULL, NULL ) )
     47 			{
     48 				/* do nothing */ ;
     49 			} else {
     50 				rs->sr_matched = matched->e_dn;
     51 			}
     52 		}
     53 		send_ldap_result( op, rs );
     54 		if ( matched ) {
     55 			monitor_cache_release( mi, matched );
     56 			rs->sr_matched = NULL;
     57 		}
     58 
     59 		return rs->sr_err;
     60 	}
     61 
     62 	rs->sr_err = access_allowed( op, e, op->oq_compare.rs_ava->aa_desc,
     63 			&op->oq_compare.rs_ava->aa_value, ACL_COMPARE, NULL );
     64 	if ( !rs->sr_err ) {
     65 		rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
     66 		goto return_results;
     67 	}
     68 
     69 	rs->sr_err = LDAP_NO_SUCH_ATTRIBUTE;
     70 
     71 	for ( a = attrs_find( e->e_attrs, op->oq_compare.rs_ava->aa_desc );
     72 			a != NULL;
     73 			a = attrs_find( a->a_next, op->oq_compare.rs_ava->aa_desc )) {
     74 		rs->sr_err = LDAP_COMPARE_FALSE;
     75 
     76 		if ( attr_valfind( a,
     77 			SLAP_MR_ATTRIBUTE_VALUE_NORMALIZED_MATCH |
     78 				SLAP_MR_ASSERTED_VALUE_NORMALIZED_MATCH,
     79 			&op->oq_compare.rs_ava->aa_value, NULL,
     80 			op->o_tmpmemctx ) == 0 )
     81 		{
     82 			rs->sr_err = LDAP_COMPARE_TRUE;
     83 			break;
     84 		}
     85 	}
     86 
     87 return_results:;
     88 	rc = rs->sr_err;
     89 	switch ( rc ) {
     90 	case LDAP_COMPARE_FALSE:
     91 	case LDAP_COMPARE_TRUE:
     92 		rc = LDAP_SUCCESS;
     93 		break;
     94 
     95 	case LDAP_NO_SUCH_ATTRIBUTE:
     96 		break;
     97 
     98 	default:
     99 		if ( !access_allowed_mask( op, e, slap_schema.si_ad_entry,
    100 				NULL, ACL_DISCLOSE, NULL, NULL ) )
    101 		{
    102 			rs->sr_err = LDAP_NO_SUCH_OBJECT;
    103 		}
    104 		break;
    105 	}
    106 
    107 	send_ldap_result( op, rs );
    108 	rs->sr_err = rc;
    109 
    110 	monitor_cache_release( mi, e );
    111 
    112 	return rs->sr_err;
    113 }
    114 
    115