(ITS#5757) back-null returns an error when any critical extension is specified

[jclarke@linagora.com]

Full_Name: Jonathan Clarke
Version: RE24 (and 2.3.x)
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (213.41.243.192)


Hi folks,

Considering a setup like the following:
8<------------------------------------------------
database        ldap
suffix          "dc=remote,o=base"
subordinate
uri ldap://ldap.remote.com
overlay rwm
rwm-suffixmassage dc=remote,o=base dc=remote
 
database        null
suffix          "o=base"
overlay         glue
8<------------------------------------------------

(I realize this is of course completely useless on it's own, but associated to
other backends is quite useful - this simple example is to explain this bug
report only)

A search of scope sub on o=base will be passed to back-ldap, performed on the
remote server and the results returned. If a non-critical control is passed with
a search, back-null will pass it to back-ldap, and to the remote server, with
success, returning results as expected with the control.

However, if a critical control is passed in the same way, back-null returns the
"12 Critical extension is unavailable" error, since back-null doesn't declare
support for any controls.

According to the slapd-null man page for back-null: "Searches return success but
no entries".

The following patch changes this so that back-null declares controls in the same
way back-ldap and back-meta do, and passes critical controls on to any
subordinate databases. In case they don't support the control, success is
returned anyway, as the man page specifies.

The patch: http://milopita.phillipoux.net/jonathan-clarke-20081020.patch
(this a simple copy and paste from back-ldap/back-meta)