Sophie: openldap-2.4.38-1.3.mga4 src

openldap-2.4.38-1.3.mga4.src.rpm

diff --git a/servers/slapd/root_dse.c b/servers/slapd/root_dse.c
index 195b52c..e13df47 100644
--- a/servers/slapd/root_dse.c
+++ b/servers/slapd/root_dse.c
@@ -183,9 +183,6 @@
 {
 	Entry		*e;
 	struct berval val;
-#ifdef LDAP_SLAPI
-	struct berval *bv;
-#endif
 	int		i, j;
 	char ** supportedSASLMechanisms;
 	BackendDB *be;
@@ -196,10 +193,6 @@
 		= slap_schema.si_ad_objectClass;
 	AttributeDescription *ad_namingContexts
 		= slap_schema.si_ad_namingContexts;
-#ifdef LDAP_SLAPI
-	AttributeDescription *ad_supportedExtension
-		= slap_schema.si_ad_supportedExtension;
-#endif
 	AttributeDescription *ad_supportedLDAPVersion
 		= slap_schema.si_ad_supportedLDAPVersion;
 	AttributeDescription *ad_supportedSASLMechanisms
@@ -295,15 +288,6 @@
 	if ( exop_root_dse_info( e ) != 0 ) {
 		goto fail;
 	}
-
-#ifdef LDAP_SLAPI
-	/* netscape supportedExtension */
-	for ( i = 0; (bv = slapi_int_get_supported_extop(i)) != NULL; i++ ) {
-		if( attr_merge_one( e, ad_supportedExtension, bv, NULL ) ) {
-			goto fail;
-		}
-	}
-#endif /* LDAP_SLAPI */
 
 	/* supportedFeatures */
 	if ( supportedFeatures == NULL ) {
diff --git a/servers/slapd/slapi/plugin.c b/servers/slapd/slapi/plugin.c
index df84f62..7178259 100644
--- a/servers/slapd/slapi/plugin.c
+++ b/servers/slapd/slapi/plugin.c
@@ -38,6 +38,8 @@
 /* pointer to link list of extended objects */
 static ExtendedOp *pGExtendedOps = NULL;
 
+extern int slapi_over_exop( Operation *, SlapReply * );
+
 /*********************************************************************
  * Function Name:      plugin_pblock_new
  *
@@ -433,6 +435,7 @@
 			}
 			pTmpExtOp = pTmpExtOp->ext_next;
 		}
+                load_extop2(&pTmpExtOp->ext_oid, 0L, slapi_over_exop, 0);
 	}
 
 error_return:
diff --git a/servers/slapd/slapi/slapi_overlay.c b/servers/slapd/slapi/slapi_overlay.c
index 0db4ce2..6caa387 100644
--- a/servers/slapd/slapi/slapi_overlay.c
+++ b/servers/slapd/slapi/slapi_overlay.c
@@ -663,6 +663,118 @@
 }
 
 static int
+slapi_parse_exop(
+        struct berval *in,
+        struct berval *ndn,
+        const char **text,
+        void *ctx )
+{
+        int rc = LDAP_SUCCESS;
+        ber_tag_t tag;
+        ber_len_t len = -1;
+        BerElementBuffer berbuf;
+        BerElement *ber = ( BerElement * )&berbuf;
+        struct berval dn, reqdata = BER_BVNULL;
+        int tmp;
+
+        *text = NULL;
+
+        if ( !ndn )
+            return rc;
+
+        if ( in == NULL || in->bv_len == 0 ) {
+            *text = "empty request data field in exop";
+            return LDAP_PROTOCOL_ERROR;
+        }
+
+        BER_BVZERO( ndn );
+
+        ber_dupbv_x(&reqdata, in, ctx);
+
+        /* ber_init2 uses reqdata directly, doesn't allocate new buffers */
+        ber_init2(ber, &reqdata, 0);
+
+        tag = ber_scanf(ber, "{m", &dn);
+
+        if ( tag == LBER_ERROR ) {
+            Log0( LDAP_DEBUG_TRACE, LDAP_LEVEL_ERR,
+                    "slap_parse_refresh: decoding error.\n");
+            rc = LDAP_PROTOCOL_ERROR;
+            *text = "data decoding error";
+            goto fail;
+        }
+
+        rc = dnNormalize( 0, NULL, NULL, &dn, ndn, ctx );
+
+        if (rc != LDAP_SUCCESS) {
+            *text = "invalid DN in refresh exop request data";
+
+fail:
+            if ( ndn && !BER_BVISNULL( ndn ) ) {
+                slap_sl_free( ndn->bv_val, ctx );
+                BER_BVZERO( ndn );
+            }
+        }
+
+	if ( !BER_BVISNULL( &reqdata ) ) {
+		ber_memfree_x( reqdata.bv_val, ctx );
+	}
+
+        return rc;
+}
+
+int
+slapi_over_exop( Operation *op, SlapReply *rs )
+{
+	BackendDB	*bd = op->o_bd;
+        struct berval   *dn;
+
+	rs->sr_err = slapi_parse_exop( op->ore_reqdata, &op->o_req_ndn,
+		&rs->sr_text, op->o_tmpmemctx );
+
+	if ( rs->sr_err != LDAP_SUCCESS ) {
+		return rs->sr_err;
+	}
+
+	Log2( LDAP_DEBUG_STATS, LDAP_LEVEL_INFO,
+		"%s SLAPI EXOP dn=\"%s\"\n",
+		op->o_log_prefix, op->o_req_ndn.bv_val );
+
+	op->o_req_dn = op->o_req_ndn;
+
+	op->o_bd = select_backend( &op->o_req_ndn, 0 );
+
+	if ( op->o_bd == NULL ) {
+		send_ldap_error( op, rs, LDAP_NO_SUCH_OBJECT,
+			"no global superior knowledge" );
+		goto done;
+	}
+
+	rs->sr_err = backend_check_restrictions( op, rs, NULL );
+	if ( rs->sr_err != LDAP_SUCCESS ) {
+		goto done;
+	}
+
+	if ( op->o_bd->be_extended == NULL ) {
+		send_ldap_error( op, rs, LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
+			"backend does not support extended operations" );
+		goto done;
+	}
+
+	op->o_bd->be_extended( op, rs );
+
+done:;
+	if ( !BER_BVISNULL( &op->o_req_ndn ) ) {
+		op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
+		BER_BVZERO( &op->o_req_ndn );
+		BER_BVZERO( &op->o_req_dn );
+	}
+	op->o_bd = bd;
+
+        return rs->sr_err;
+}
+
+static int
 slapi_over_extended( Operation *op, SlapReply *rs )
 {
 	Slapi_PBlock	*pb;
diff --git a/servers/slapd/slapi/slapi_pblock.c b/servers/slapd/slapi/slapi_pblock.c
index 2c9fc20..0481622 100644
--- a/servers/slapd/slapi/slapi_pblock.c
+++ b/servers/slapd/slapi/slapi_pblock.c
@@ -1206,11 +1206,11 @@
 		break;
 	case SLAPI_EXT_OP_RET_OID:
 		PBLOCK_ASSERT_OP( pb, 0 );
-		pb->pb_rs->sr_rspoid = (char *)value;
+		pb->pb_rs->sr_rspoid = ch_strdup( (char *)value );
 		break;
 	case SLAPI_EXT_OP_RET_VALUE:
 		PBLOCK_ASSERT_OP( pb, 0 );
-		pb->pb_rs->sr_rspdata = (struct berval *)value;
+		pb->pb_rs->sr_rspdata = ber_bvdup( (struct berval *)value );
 		break;
 	case SLAPI_BIND_METHOD:
 		PBLOCK_ASSERT_OP( pb, 0 );
diff --git a/servers/slapd/slapi/slapi_utils.c b/servers/slapd/slapi/slapi_utils.c
index 763f30e..21e86be 100644
--- a/servers/slapd/slapi/slapi_utils.c
+++ b/servers/slapd/slapi/slapi_utils.c
@@ -1359,7 +1359,7 @@
 	if ( err == LDAP_SASL_BIND_IN_PROGRESS ) {
 		send_ldap_sasl( pb->pb_op, rs );
 	} else if ( rs->sr_rspoid != NULL ) {
-		send_ldap_extended( pb->pb_op, rs );
+//		send_ldap_extended( pb->pb_op, rs );
 	} else {
 		if ( pb->pb_op->o_tag == LDAP_REQ_SEARCH )
 			rs->sr_nentries = nentries;