From: Howard Chu <hyc@openldap.org>
Date: Fri, 24 Jun 2022 15:49:45 +0000 (+0100)
Subject: ITS#9871 slapo-ppolicy: use explicit backend in bind_response
X-Git-Tag: OPENLDAP_REL_ENG_2_5_13~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6a95709a71b199750661a8d2d257e13da19c3d2a;p=thirdparty%2Fopenldap.git

ITS#9871 slapo-ppolicy: use explicit backend in bind_response
---

diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index a2c86f6c04..a3f2e709aa 100644
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -1405,7 +1405,8 @@ free_pwd_history_list( pw_hist **l )
 }
 
 typedef struct ppbind {
-	slap_overinst *on;
+	pp_info *pi;
+	BackendDB *be;
 	int send_ctrl;
 	int set_restrict;
 	LDAPControl **oldctrls;
@@ -1455,8 +1456,7 @@ static int
 ppolicy_bind_response( Operation *op, SlapReply *rs )
 {
 	ppbind *ppb = op->o_callback->sc_private;
-	slap_overinst *on = ppb->on;
-	pp_info *pi = on->on_bi.bi_private;
+	pp_info *pi = ppb->pi;
 	Modifications *mod = ppb->mod, *m;
 	int pwExpired = 0;
 	int ngut = -1, warn = -1, fc = 0, age, rc;
@@ -1467,7 +1467,7 @@ ppolicy_bind_response( Operation *op, SlapReply *rs )
 	char nowstr[ LDAP_LUTIL_GENTIME_BUFSIZE ];
 	char nowstr_usec[ LDAP_LUTIL_GENTIME_BUFSIZE+8 ];
 	struct berval timestamp, timestamp_usec;
-	BackendInfo *bi = op->o_bd->bd_info;
+	BackendDB *be = op->o_bd;
 	LDAPControl *ctrl = NULL;
 	Entry *e;
 
@@ -1477,9 +1477,9 @@ ppolicy_bind_response( Operation *op, SlapReply *rs )
 		goto locked;
 	}
 
-	op->o_bd->bd_info = (BackendInfo *)on->on_info;
+	op->o_bd = ppb->be;
 	rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e );
-	op->o_bd->bd_info = bi;
+	op->o_bd = be;
 
 	if ( rc != LDAP_SUCCESS ) {
 		ldap_pvt_thread_mutex_unlock( &pi->pwdFailureTime_mutex );
@@ -1781,8 +1781,9 @@ check_expiring_password:
 	}
 
 done:
-	op->o_bd->bd_info = (BackendInfo *)on->on_info;
+	op->o_bd = ppb->be;
 	be_entry_release_r( op, e );
+	op->o_bd = be;
 
 locked:
 	if ( mod && !pi->disable_write ) {
@@ -1821,7 +1822,7 @@ locked:
 				op2.orm_no_opattrs = 1;
 				op2.o_dont_replicate = 1;
 			}
-			op2.o_bd->bd_info = (BackendInfo *)on->on_info;
+			op2.o_bd = ppb->be;
 		}
 		rc = op2.o_bd->be_modify( &op2, &r2 );
 		if ( rc != LDAP_SUCCESS ) {
@@ -1852,7 +1853,6 @@ locked:
 		ppb->oldctrls = add_passcontrol( op, rs, ctrl );
 		op->o_callback->sc_cleanup = ppolicy_ctrls_cleanup;
 	}
-	op->o_bd->bd_info = bi;
 	ldap_pvt_thread_mutex_unlock( &pi->pwdFailureTime_mutex );
 	return SLAP_CB_CONTINUE;
 }
@@ -1885,7 +1885,8 @@ ppolicy_bind( Operation *op, SlapReply *rs )
 		cb = op->o_tmpcalloc( sizeof(ppbind)+sizeof(slap_callback),
 			1, op->o_tmpmemctx );
 		ppb = (ppbind *)(cb+1);
-		ppb->on = on;
+		ppb->pi = on->on_bi.bi_private;
+		ppb->be = op->o_bd->bd_self;
 		ppb->pErr = PP_noError;
 		ppb->set_restrict = 1;
 
@@ -2175,7 +2176,8 @@ ppolicy_compare(
 		cb = op->o_tmpcalloc( sizeof(ppbind)+sizeof(slap_callback),
 			1, op->o_tmpmemctx );
 		ppb = (ppbind *)(cb+1);
-		ppb->on = on;
+		ppb->pi = on->on_bi.bi_private;
+		ppb->be = op->o_bd->bd_self;
 		ppb->pErr = PP_noError;
 		ppb->send_ctrl = 1;
 		/* failures here don't lockout the connection */