- switch (gdu->u.z3950->which) {
- case Z_APDU_initRequest: return process_init(package);
- case Z_APDU_searchRequest: return process_search(package);
- case Z_APDU_scanRequest: return process_scan(package);
- // In theory, we should check database authorisation for
- // extended services, too (A) the proxy currently does not
- // implement XS and turns off its negotiation bit; (B) it
- // would be insanely complex to do as the top-level XS request
- // structure does not carry a database name, but it is buried
- // down in some of the possible EXTERNALs used as
- // taskSpecificParameters; and (C) since many extended
- // services modify the database, we'd need to more exotic
- // authorisation database than we want to support.
- default: break;
- }
+ if (m_p->got_userRegister) {
+ switch (gdu->u.z3950->which) {
+ case Z_APDU_initRequest: return process_init(package);
+ case Z_APDU_searchRequest: return process_search(package);
+ case Z_APDU_scanRequest: return process_scan(package);
+ // In theory, we should check database authorisation for
+ // extended services, too (A) the proxy currently does not
+ // implement XS and turns off its negotiation bit; (B) it
+ // would be insanely complex to do as the top-level XS request
+ // structure does not carry a database name, but it is buried
+ // down in some of the possible EXTERNALs used as
+ // taskSpecificParameters; and (C) since many extended
+ // services modify the database, we'd need to more exotic
+ // authorisation database than we want to support.
+ default: break;
+ }
+ }
+
+ if (m_p->got_targetRegister && gdu->u.z3950->which == Z_APDU_initRequest)
+ return check_targets(package);