Commit 49cb2d78 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount

draft-wahl-ldap-session: append further instances of the control

parent 51004387
......@@ -504,6 +504,14 @@ meta_back_op_result(
time_t timeout,
ldap_back_send_t sendok );
extern int
meta_back_controls_add(
Operation *op,
SlapReply *rs,
metaconn_t *mc,
int candidate,
LDAPControl ***pctrls );
extern int
back_meta_LTX_init_module(
int argc,
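Review bot: The newly exported prototype for `meta_back_controls_add` has no comment on what the caller receives in `*pctrls` or how it must be released. Judging from the definition's hunks on this page, the array comes from `op->o_tmpalloc` with `op->o_tmpmemctx`, and its middle entries are the same pointers as `op->o_ctrls`. A caller that frees the individual controls, or releases the array with a different allocator, could therefore corrupt memory. A short header comment naming the allocator, and saying that only the array itself is released (presumably by a matching helper not shown here), would make the contract explicit.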
......
......@@ -1584,7 +1584,7 @@ meta_back_controls_add(
LDAPControl **ctrls = NULL;
/* set to the maximum number of controls this backend can add */
LDAPControl c[ 2 ] = { 0 };
int i = 0, j = 0;
int n = 0, i, j1 = 0, j2 = 0;
*pctrls = NULL;
......@@ -1605,30 +1605,34 @@ meta_back_controls_add(
goto done;
}
/* put controls that go __before__ existing ones here */
/* proxyAuthz for identity assertion */
switch ( ldap_back_proxy_authz_ctrl( op, rs, &msc->msc_bound_ndn,
mt->mt_version, &mt->mt_idassert, &c[ j ] ) )
mt->mt_version, &mt->mt_idassert, &c[ j1 ] ) )
{
case SLAP_CB_CONTINUE:
break;
case LDAP_SUCCESS:
j++;
j1++;
break;
default:
goto done;
}
/* put controls that go __after__ existing ones here */
#ifdef SLAP_CONTROL_X_SESSION_TRACKING
/* session tracking */
if ( META_BACK_TGT_ST_REQUEST( mt ) ) {
switch ( slap_ctrl_session_tracking_request_add( op, rs, &c[ j ] ) ) {
switch ( slap_ctrl_session_tracking_request_add( op, rs, &c[ j1 + j2 ] ) ) {
case SLAP_CB_CONTINUE:
break;
case LDAP_SUCCESS:
j++;
j2++;
break;
default:
......@@ -1641,31 +1645,47 @@ meta_back_controls_add(
rs->sr_err = LDAP_SUCCESS;
}
if ( j == 0 ) {
/* if nothing to do, just bail out */
if ( j1 == 0 && j2 == 0 ) {
goto done;
}
assert( j1 + j1 <= sizeof( c )/sizeof(LDAPControl) );
if ( op->o_ctrls ) {
for ( i = 0; op->o_ctrls[ i ]; i++ )
for ( n = 0; op->o_ctrls[ n ]; n++ )
/* just count ctrls */ ;
}
ctrls = op->o_tmpalloc( sizeof( LDAPControl * ) * (i + j + 1) + j * sizeof( LDAPControl ),
ctrls = op->o_tmpalloc( (n + j1 + j2 + 1) * sizeof( LDAPControl * ) + ( j1 + j2 ) * sizeof( LDAPControl ),
op->o_tmpmemctx );
ctrls[ 0 ] = (LDAPControl *)&ctrls[ i + j + 1 ];
*ctrls[ 0 ] = c[ 0 ];
for ( i = 1; i < j; i++ ) {
ctrls[ i ] = &ctrls[ 0 ][ i ];
*ctrls[ i ] = c[ i ];
if ( j1 ) {
ctrls[ 0 ] = (LDAPControl *)&ctrls[ n + j1 + j2 + 1 ];
*ctrls[ 0 ] = c[ 0 ];
for ( i = 1; i < j1; i++ ) {
ctrls[ i ] = &ctrls[ 0 ][ i ];
*ctrls[ i ] = c[ i ];
}
}
i = 0;
if ( op->o_ctrls ) {
for ( i = 0; op->o_ctrls[ i ]; i++ ) {
ctrls[ i + j ] = op->o_ctrls[ i ];
ctrls[ i + j1 ] = op->o_ctrls[ i ];
}
}
ctrls[ i + j ] = NULL;
n += j1;
if ( j2 ) {
ctrls[ n ] = (LDAPControl *)&ctrls[ n + j2 + 1 ] + j1;
*ctrls[ n ] = c[ j1 ];
for ( i = 1; i < j2; i++ ) {
ctrls[ n + i ] = &ctrls[ n ][ i ];
*ctrls[ n + i ] = c[ i ];
}
}
ctrls[ n + j2 ] = NULL;
done:;
if ( ctrls == NULL ) {
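Review bot: The bounds assertion added before the allocation tests `j1 + j1`, so the count of trailing controls (`j2`) is never compared with the size of `c[]`; it should read `assert( j1 + j2 <= sizeof( c )/sizeof( c[ 0 ] ) );`. It also runs only after `c[ j1 ]` and `c[ j1 + j2 ]` have already been written in the preceding hunk, and it vanishes under NDEBUG, so it documents the limit rather than enforcing it. In the trailing-control loop, `*ctrls[ n + i ] = c[ i ];` copies from the front of `c[]` and should be `*ctrls[ n + i ] = c[ j1 + i ];`. As far as these hunks show, `j2` cannot exceed 1 with `c[ 2 ]`, so that loop body is unreachable today, but it would copy the wrong control once a second trailing control is added. The function begins and ends outside these hunks.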
......
......@@ -1650,6 +1650,9 @@ static int parseSessionTracking(
return LDAP_PROTOCOL_ERROR;
}
/* TODO: add the capability to determine if a client is allowed
* to use this control, based on identity, ip and so */
ber = ber_init( &ctrl->ldctl_value );
if ( ber == NULL ) {
rs->sr_text = "internal error";
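Review bot: The TODO added above `ber_init()` records that `parseSessionTracking` has no check on which clients may send this control, so its contents are client-asserted at this point. The comment should say so, because the back-meta change on this page appears to append the proxy's own instance after the client's rather than replace it. Something like `/* until then, values in this control are unauthenticated client input; do not rely on them for access decisions or audit attribution */` would do. The function begins and ends outside the hunk.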
......