2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1998-2005 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in the file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
15 /* Portions Copyright (c) 1995 Regents of the University of Michigan.
16 * All rights reserved.
18 /* This notice applies to changes, created by or for Novell, Inc.,
19 * to preexisting works for which notices appear elsewhere in this file.
21 * Copyright (C) 1999, 2000 Novell, Inc. All Rights Reserved.
23 * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND TREATIES.
24 * USE, MODIFICATION, AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO VERSION
25 * 2.0.1 OF THE OPENLDAP PUBLIC LICENSE, A COPY OF WHICH IS AVAILABLE AT
26 * HTTP://WWW.OPENLDAP.ORG/LICENSE.HTML OR IN THE FILE "LICENSE" IN THE
27 * TOP-LEVEL DIRECTORY OF THE DISTRIBUTION. ANY USE OR EXPLOITATION OF THIS
28 * WORK OTHER THAN AS AUTHORIZED IN VERSION 2.0.1 OF THE OPENLDAP PUBLIC
29 * LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT THE
30 * PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY.
32 * Modification to OpenLDAP source by Novell, Inc.
33 * April 2000 sfs Added code to chase V3 referrals
34 * request.c - sending of ldap requests; handling of referrals
36 * Note: A verbatim copy of version 2.0.1 of the OpenLDAP Public License
37 * can be found in the file "build/LICENSE-2.0.1" in this distribution
38 * of OpenLDAP Software.
45 #include <ac/stdlib.h>
48 #include <ac/socket.h>
49 #include <ac/string.h>
51 #include <ac/unistd.h>
56 static LDAPConn *find_connection LDAP_P(( LDAP *ld, LDAPURLDesc *srv, int any ));
57 static void use_connection LDAP_P(( LDAP *ld, LDAPConn *lc ));
60 re_encode_request( LDAP *ld,
68 ldap_alloc_ber_with_options( LDAP *ld )
72 if (( ber = ber_alloc_t( ld->ld_lberoptions )) == NULL ) {
73 ld->ld_errno = LDAP_NO_MEMORY;
81 ldap_set_ber_options( LDAP *ld, BerElement *ber )
83 ber->ber_options = ld->ld_lberoptions;
88 ldap_send_initial_request(
98 Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
100 if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, NULL ) == -1 ) {
101 /* not connected yet */
102 int rc = ldap_open_defconn( ld );
109 Debug( LDAP_DEBUG_TRACE,
110 "ldap_open_defconn: successful\n",
116 * use of DNS is turned off or this is an X.500 DN...
117 * use our default connection
122 #ifdef LDAP_CONNECTIONLESS
123 if (LDAP_IS_UDP(ld)) {
124 if (msgtype == LDAP_REQ_BIND) {
125 if (ld->ld_options.ldo_cldapdn)
126 ldap_memfree(ld->ld_options.ldo_cldapdn);
127 ld->ld_options.ldo_cldapdn = ldap_strdup(dn);
130 if (msgtype != LDAP_REQ_ABANDON && msgtype != LDAP_REQ_SEARCH)
131 return LDAP_PARAM_ERROR;
134 #ifdef LDAP_R_COMPILE
135 ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
137 rc = ldap_send_server_request( ld, ber, msgid, NULL,
138 servers, NULL, NULL );
139 #ifdef LDAP_R_COMPILE
140 ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
143 ldap_free_urllist(servers);
149 ldap_int_flush_request(
153 LDAPConn *lc = lr->lr_conn;
155 if ( ber_flush( lc->lconn_sb, lr->lr_ber, 0 ) != 0 ) {
156 if ( errno == EAGAIN ) {
157 /* need to continue write later */
158 lr->lr_status = LDAP_REQST_WRITING;
159 ldap_mark_select_write( ld, lc->lconn_sb );
160 ld->ld_errno = LDAP_BUSY;
163 ld->ld_errno = LDAP_SERVER_DOWN;
164 ldap_free_request( ld, lr );
165 ldap_free_connection( ld, lc, 0, 0 );
169 if ( lr->lr_parent == NULL ) {
170 lr->lr_ber->ber_end = lr->lr_ber->ber_ptr;
171 lr->lr_ber->ber_ptr = lr->lr_ber->ber_buf;
173 lr->lr_status = LDAP_REQST_INPROGRESS;
175 /* sent -- waiting for a response */
176 ldap_mark_select_read( ld, lc->lconn_sb );
182 ldap_send_server_request(
186 LDAPRequest *parentreq,
187 LDAPURLDesc *srvlist,
194 Debug( LDAP_DEBUG_TRACE, "ldap_send_server_request\n", 0, 0, 0 );
197 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
200 if ( srvlist == NULL ) {
203 if (( lc = find_connection( ld, srvlist, 1 )) ==
205 if ( (bind != NULL) && (parentreq != NULL) ) {
206 /* Remember the bind in the parent */
208 ++parentreq->lr_outrefcnt;
210 lc = ldap_new_connection( ld, srvlist, 0, 1, bind );
215 if ( lc == NULL || lc->lconn_status != LDAP_CONNST_CONNECTED ) {
217 if ( ld->ld_errno == LDAP_SUCCESS ) {
218 ld->ld_errno = LDAP_SERVER_DOWN;
221 /* Forget about the bind */
222 --parentreq->lr_outrefcnt;
227 use_connection( ld, lc );
229 /* If we still have an incomplete write, try to finish it before
230 * dealing with the new request. If we don't finish here, return
231 * LDAP_BUSY and let the caller retry later. We only allow a single
232 * request to be in WRITING state.
235 if ( ld->ld_requests &&
236 ld->ld_requests->lr_status == LDAP_REQST_WRITING &&
237 ldap_int_flush_request( ld, ld->ld_requests ) < 0 ) {
242 if (( lr = (LDAPRequest *)LDAP_CALLOC( 1, sizeof( LDAPRequest ))) ==
244 ld->ld_errno = LDAP_NO_MEMORY;
245 ldap_free_connection( ld, lc, 0, 0 );
248 /* Forget about the bind */
249 --parentreq->lr_outrefcnt;
253 lr->lr_msgid = msgid;
254 lr->lr_status = LDAP_REQST_INPROGRESS;
255 lr->lr_res_errno = LDAP_SUCCESS; /* optimistic */
258 if ( parentreq != NULL ) { /* sub-request */
260 /* Increment if we didn't do it before the bind */
261 ++parentreq->lr_outrefcnt;
263 lr->lr_origid = parentreq->lr_origid;
264 lr->lr_parentcnt = parentreq->lr_parentcnt + 1;
265 lr->lr_parent = parentreq;
266 lr->lr_refnext = parentreq->lr_child;
267 parentreq->lr_child = lr;
268 } else { /* original request */
269 lr->lr_origid = lr->lr_msgid;
272 if (( lr->lr_next = ld->ld_requests ) != NULL ) {
273 lr->lr_next->lr_prev = lr;
275 ld->ld_requests = lr;
278 ld->ld_errno = LDAP_SUCCESS;
279 if ( ldap_int_flush_request( ld, lr ) == -1 ) {
287 ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
288 int connect, LDAPreqinfo *bind )
294 Debug( LDAP_DEBUG_TRACE, "ldap_new_connection\n", 0, 0, 0 );
296 * make a new LDAP server connection
297 * XXX open connection synchronously for now
299 if (( lc = (LDAPConn *)LDAP_CALLOC( 1, sizeof( LDAPConn ))) == NULL ||
300 ( !use_ldsb && ( (sb = ber_sockbuf_alloc()) == NULL ))) {
302 LDAP_FREE( (char *)lc );
304 ld->ld_errno = LDAP_NO_MEMORY;
308 lc->lconn_sb = ( use_ldsb ) ? ld->ld_sb : sb;
311 for ( srv = srvlist; srv != NULL; srv = srv->lud_next ) {
312 if ( ldap_int_open_connection( ld, lc, srv, 0 ) != -1 ) {
319 ber_sockbuf_free( lc->lconn_sb );
321 LDAP_FREE( (char *)lc );
322 ld->ld_errno = LDAP_SERVER_DOWN;
326 lc->lconn_server = ldap_url_dup(srv);
329 lc->lconn_status = LDAP_CONNST_CONNECTED;
330 lc->lconn_next = ld->ld_conns;
334 * XXX for now, we always do a synchronous bind. This will have
335 * to change in the long run...
339 LDAPConn *savedefconn;
341 /* Set flag to prevent additional referrals from being processed on this
342 * connection until the bind has completed
344 lc->lconn_rebind_inprogress = 1;
345 /* V3 rebind function */
346 if ( ld->ld_rebind_proc != NULL) {
347 LDAPURLDesc *srvfunc;
348 if( ( srvfunc = ldap_url_dup( srvlist)) == NULL) {
349 ld->ld_errno = LDAP_NO_MEMORY;
352 savedefconn = ld->ld_defconn;
353 ++lc->lconn_refcnt; /* avoid premature free */
356 Debug( LDAP_DEBUG_TRACE, "Call application rebind_proc\n", 0, 0, 0);
357 #ifdef LDAP_R_COMPILE
358 ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
359 ldap_pvt_thread_mutex_unlock( &ld->ld_res_mutex );
361 err = (*ld->ld_rebind_proc)( ld,
362 bind->ri_url, bind->ri_request, bind->ri_msgid,
363 ld->ld_rebind_params );
364 #ifdef LDAP_R_COMPILE
365 ldap_pvt_thread_mutex_lock( &ld->ld_res_mutex );
366 ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
369 ld->ld_defconn = savedefconn;
374 ldap_free_connection( ld, lc, 1, 0 );
377 ldap_free_urldesc( srvfunc);
380 savedefconn = ld->ld_defconn;
381 ++lc->lconn_refcnt; /* avoid premature free */
384 Debug( LDAP_DEBUG_TRACE, "anonymous rebind via ldap_bind_s\n", 0, 0, 0);
385 #ifdef LDAP_R_COMPILE
386 ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
387 ldap_pvt_thread_mutex_unlock( &ld->ld_res_mutex );
389 if ( ldap_bind_s( ld, "", "", LDAP_AUTH_SIMPLE ) != LDAP_SUCCESS ) {
392 #ifdef LDAP_R_COMPILE
393 ldap_pvt_thread_mutex_lock( &ld->ld_res_mutex );
394 ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
396 ld->ld_defconn = savedefconn;
400 ldap_free_connection( ld, lc, 1, 0 );
405 lc->lconn_rebind_inprogress = 0;
413 find_connection( LDAP *ld, LDAPURLDesc *srv, int any )
415 * return an existing connection (if any) to the server srv
416 * if "any" is non-zero, check for any server in the "srv" chain
420 LDAPURLDesc *lcu, *lsu;
421 int lcu_port, lsu_port;
423 for ( lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next ) {
424 lcu = lc->lconn_server;
425 lcu_port = ldap_pvt_url_scheme_port( lcu->lud_scheme,
428 for ( lsu = srv; lsu != NULL; lsu = lsu->lud_next ) {
429 lsu_port = ldap_pvt_url_scheme_port( lsu->lud_scheme,
432 if ( strcmp( lcu->lud_scheme, lsu->lud_scheme ) == 0
433 && lcu->lud_host != NULL && *lcu->lud_host != '\0'
434 && lsu->lud_host != NULL && *lsu->lud_host != '\0'
435 && strcasecmp( lsu->lud_host, lcu->lud_host ) == 0
436 && lsu_port == lcu_port )
451 use_connection( LDAP *ld, LDAPConn *lc )
454 lc->lconn_lastused = time( NULL );
459 ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind )
461 LDAPConn *tmplc, *prevlc;
463 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection\n", 0, 0, 0 );
465 if ( force || --lc->lconn_refcnt <= 0 ) {
466 if ( lc->lconn_status == LDAP_CONNST_CONNECTED ) {
467 ldap_mark_select_clear( ld, lc->lconn_sb );
469 ldap_send_unbind( ld, lc->lconn_sb, NULL, NULL );
473 if( lc->lconn_ber != NULL ) {
474 ber_free( lc->lconn_ber, 1 );
477 ldap_int_sasl_close( ld, lc );
480 for ( tmplc = ld->ld_conns; tmplc != NULL;
481 tmplc = tmplc->lconn_next ) {
483 if ( prevlc == NULL ) {
484 ld->ld_conns = tmplc->lconn_next;
486 prevlc->lconn_next = tmplc->lconn_next;
492 ldap_free_urllist( lc->lconn_server );
493 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
494 if ( lc->lconn_krbinstance != NULL ) {
495 LDAP_FREE( lc->lconn_krbinstance );
498 if ( lc->lconn_sb != ld->ld_sb ) {
499 ber_sockbuf_free( lc->lconn_sb );
501 if( lc->lconn_rebind_queue != NULL) {
503 for( i = 0; lc->lconn_rebind_queue[i] != NULL; i++) {
504 LDAP_VFREE(lc->lconn_rebind_queue[i]);
506 LDAP_FREE( lc->lconn_rebind_queue);
509 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: actually freed\n",
512 lc->lconn_lastused = time( NULL );
513 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: refcnt %d\n",
514 lc->lconn_refcnt, 0, 0 );
521 ldap_dump_connection( LDAP *ld, LDAPConn *lconns, int all )
526 fprintf( stderr, "** Connection%s:\n", all ? "s" : "" );
527 for ( lc = lconns; lc != NULL; lc = lc->lconn_next ) {
528 if ( lc->lconn_server != NULL ) {
529 fprintf( stderr, "* host: %s port: %d%s\n",
530 ( lc->lconn_server->lud_host == NULL ) ? "(null)"
531 : lc->lconn_server->lud_host,
532 lc->lconn_server->lud_port, ( lc->lconn_sb ==
533 ld->ld_sb ) ? " (default)" : "" );
535 fprintf( stderr, " refcnt: %d status: %s\n", lc->lconn_refcnt,
536 ( lc->lconn_status == LDAP_CONNST_NEEDSOCKET ) ?
537 "NeedSocket" : ( lc->lconn_status ==
538 LDAP_CONNST_CONNECTING ) ? "Connecting" : "Connected" );
539 fprintf( stderr, " last used: %s",
540 ldap_pvt_ctime( &lc->lconn_lastused, timebuf ));
541 if( lc->lconn_rebind_inprogress ) {
542 fprintf( stderr, " rebind in progress\n");
543 if( lc->lconn_rebind_queue != NULL) {
545 for( ;lc->lconn_rebind_queue[i] != NULL; i++) {
547 for( ;lc->lconn_rebind_queue[i][j] != 0; j++) {
548 fprintf( stderr, " queue %d entry %d - %s\n",
549 i, j, lc->lconn_rebind_queue[i][j]);
553 fprintf( stderr, " queue is empty\n");
556 fprintf(stderr, "\n");
565 ldap_dump_requests_and_responses( LDAP *ld )
570 #ifdef LDAP_R_COMPILE
571 ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
573 fprintf( stderr, "** Outstanding Requests:\n" );
574 if (( lr = ld->ld_requests ) == NULL ) {
575 fprintf( stderr, " Empty\n" );
577 for ( ; lr != NULL; lr = lr->lr_next ) {
578 fprintf( stderr, " * msgid %d, origid %d, status %s\n",
579 lr->lr_msgid, lr->lr_origid,
580 ( lr->lr_status == LDAP_REQST_INPROGRESS ) ? "InProgress" :
581 ( lr->lr_status == LDAP_REQST_CHASINGREFS ) ? "ChasingRefs" :
582 ( lr->lr_status == LDAP_REQST_NOTCONNECTED ) ? "NotConnected" :
583 ( lr->lr_status == LDAP_REQST_WRITING) ? "Writing" :
584 ( lr->lr_status == LDAP_REQST_COMPLETED ? "Request Completed" : "Invalid Status"));
585 fprintf( stderr, " outstanding referrals %d, parent count %d\n",
586 lr->lr_outrefcnt, lr->lr_parentcnt );
588 #ifdef LDAP_R_COMPILE
589 ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
591 fprintf( stderr, "** Response Queue:\n" );
592 if (( lm = ld->ld_responses ) == NULL ) {
593 fprintf( stderr, " Empty\n" );
595 for ( ; lm != NULL; lm = lm->lm_next ) {
596 fprintf( stderr, " * msgid %d, type %lu\n",
597 lm->lm_msgid, (unsigned long) lm->lm_msgtype );
598 if (( l = lm->lm_chain ) != NULL ) {
599 fprintf( stderr, " chained responses:\n" );
600 for ( ; l != NULL; l = l->lm_chain ) {
602 " * msgid %d, type %lu\n",
604 (unsigned long) l->lm_msgtype );
609 #endif /* LDAP_DEBUG */
612 ldap_free_request_int( LDAP *ld, LDAPRequest *lr )
614 if ( lr->lr_prev == NULL ) {
615 ld->ld_requests = lr->lr_next;
617 lr->lr_prev->lr_next = lr->lr_next;
620 if ( lr->lr_next != NULL ) {
621 lr->lr_next->lr_prev = lr->lr_prev;
624 if ( lr->lr_ber != NULL ) {
625 ber_free( lr->lr_ber, 1 );
628 if ( lr->lr_res_error != NULL ) {
629 LDAP_FREE( lr->lr_res_error );
632 if ( lr->lr_res_matched != NULL ) {
633 LDAP_FREE( lr->lr_res_matched );
640 ldap_free_request( LDAP *ld, LDAPRequest *lr )
642 LDAPRequest **ttmplr;
644 Debug( LDAP_DEBUG_TRACE, "ldap_free_request (origid %d, msgid %d)\n",
645 lr->lr_origid, lr->lr_msgid, 0 );
647 /* free all referrals (child requests) */
648 while ( lr->lr_child )
649 ldap_free_request( ld, lr->lr_child );
651 if ( lr->lr_parent != NULL ) {
652 --lr->lr_parent->lr_outrefcnt;
653 for ( ttmplr = &lr->lr_parent->lr_child; *ttmplr && *ttmplr != lr; ttmplr = &(*ttmplr)->lr_refnext );
655 *ttmplr = lr->lr_refnext;
657 ldap_free_request_int( ld, lr );
661 * call first time with *cntp = -1
662 * when returns *cntp == -1, no referrals are left
664 * NOTE: may replace *refsp, or shuffle the contents
665 * of the original array.
667 static int ldap_int_nextref(
673 assert( refsp != NULL );
674 assert( *refsp != NULL );
675 assert( cntp != NULL );
684 if ( (*refsp)[ *cntp ] == NULL ) {
695 * (IN) ld = LDAP connection handle
696 * (IN) lr = LDAP Request structure
697 * (IN) refs = array of pointers to referral strings that we will chase
698 * The array will be free'd by this function when no longer needed
699 * (IN) sref != 0 if following search reference
700 * (OUT) errstrp = Place to return a string of referrals which could not be followed
701 * (OUT) hadrefp = 1 if sucessfully followed referral
703 * Return value - number of referrals followed
706 ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, int sref, char **errstrp, int *hadrefp )
709 int unfollowedcnt = 0;
710 LDAPRequest *origreq;
711 LDAPURLDesc *srv = NULL;
713 char **refarray = NULL;
715 int rc, count, i, j, id;
718 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
721 Debug( LDAP_DEBUG_TRACE, "ldap_chase_v3referrals\n", 0, 0, 0 );
726 /* If no referrals in array, return */
727 if ( (refs == NULL) || ( (refs)[0] == NULL) ) {
732 /* Check for hop limit exceeded */
733 if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
734 Debug( LDAP_DEBUG_ANY,
735 "more than %d referral hops (dropping)\n", ld->ld_refhoplimit, 0, 0 );
736 ld->ld_errno = LDAP_REFERRAL_LIMIT_EXCEEDED;
741 /* find original request */
743 origreq->lr_parent != NULL;
744 origreq = origreq->lr_parent )
752 if ( ld->ld_nextref_proc == NULL ) {
753 ld->ld_nextref_proc = ldap_int_nextref;
756 /* parse out & follow referrals */
758 for ( ld->ld_nextref_proc( ld, &refarray, &i, ld->ld_nextref_params );
760 ld->ld_nextref_proc( ld, &refarray, &i, ld->ld_nextref_params ) )
763 /* Parse the referral URL */
764 if (( rc = ldap_url_parse_ext( refarray[i], &srv)) != LDAP_SUCCESS) {
770 if( srv->lud_crit_exts ) {
771 /* we do not support any extensions */
772 ld->ld_errno = LDAP_NOT_SUPPORTED;
777 /* treat ldap://hostpart and ldap://hostpart/ the same */
778 if ( srv->lud_dn && srv->lud_dn[0] == '\0' ) {
779 LDAP_FREE( srv->lud_dn );
783 /* check connection for re-bind in progress */
784 if (( lc = find_connection( ld, srv, 1 )) != NULL ) {
785 if( lc->lconn_rebind_inprogress) {
786 /* We are already chasing a referral or search reference and a
787 * bind on that connection is in progress. We must queue
788 * referrals on that connection, so we don't get a request
789 * going out before the bind operation completes. This happens
790 * if two search references come in one behind the other
791 * for the same server with different contexts.
793 Debug( LDAP_DEBUG_TRACE,
794 "ldap_chase_v3referrals: queue referral \"%s\"\n",
796 if( lc->lconn_rebind_queue == NULL ) {
797 /* Create a referral list */
798 lc->lconn_rebind_queue =
799 (char ***) LDAP_MALLOC( sizeof(void *) * 2);
801 if( lc->lconn_rebind_queue == NULL) {
802 ld->ld_errno = LDAP_NO_MEMORY;
807 lc->lconn_rebind_queue[0] = refarray;
808 lc->lconn_rebind_queue[1] = NULL;
812 /* Count how many referral arrays we already have */
813 for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) {
817 /* Add the new referral to the list */
818 lc->lconn_rebind_queue = (char ***) LDAP_REALLOC(
819 lc->lconn_rebind_queue, sizeof(void *) * (j + 2));
821 if( lc->lconn_rebind_queue == NULL ) {
822 ld->ld_errno = LDAP_NO_MEMORY;
826 lc->lconn_rebind_queue[j] = refarray;
827 lc->lconn_rebind_queue[j+1] = NULL;
831 /* We have queued the referral/reference, now just return */
834 count = 1; /* Pretend we already followed referral */
838 /* Re-encode the request with the new starting point of the search.
839 * Note: In the future we also need to replace the filter if one
840 * was provided with the search reference
843 /* For references we don't want old dn if new dn empty */
844 if ( sref && srv->lud_dn == NULL ) {
845 srv->lud_dn = LDAP_STRDUP( "" );
848 LDAP_NEXT_MSGID( ld, id );
849 ber = re_encode_request( ld, origreq->lr_ber, id,
850 sref, srv, &rinfo.ri_request );
853 ld->ld_errno = LDAP_ENCODING_ERROR;
858 Debug( LDAP_DEBUG_TRACE,
859 "ldap_chase_v3referral: msgid %d, url \"%s\"\n",
860 lr->lr_msgid, refarray[i], 0);
862 /* Send the new request to the server - may require a bind */
863 rinfo.ri_msgid = origreq->lr_origid;
864 rinfo.ri_url = refarray[i];
865 #ifdef LDAP_R_COMPILE
866 ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
868 rc = ldap_send_server_request( ld, ber, id,
869 origreq, srv, NULL, &rinfo );
870 #ifdef LDAP_R_COMPILE
871 ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
874 /* Failure, try next referral in the list */
875 Debug( LDAP_DEBUG_ANY, "Unable to chase referral \"%s\" (%s)\n",
876 refarray[i], ldap_err2string( ld->ld_errno ), 0);
877 unfollowedcnt += ldap_append_referral( ld, &unfollowed, refarray[i]);
878 ldap_free_urllist(srv);
881 /* Success, no need to try this referral list further */
886 /* check if there is a queue of referrals that came in during bind */
888 if (( lc = find_connection( ld, srv, 1 )) == NULL ) {
889 ld->ld_errno = LDAP_OPERATIONS_ERROR;
895 if( lc->lconn_rebind_queue != NULL) {
896 /* Release resources of previous list */
897 LDAP_VFREE(refarray);
899 ldap_free_urllist(srv);
902 /* Pull entries off end of queue so list always null terminated */
903 for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) {
906 refarray = lc->lconn_rebind_queue[j-1];
907 lc->lconn_rebind_queue[j-1] = NULL;
908 /* we pulled off last entry from queue, free queue */
910 LDAP_FREE( lc->lconn_rebind_queue);
911 lc->lconn_rebind_queue = NULL;
913 /* restart the loop the with new referral list */
917 break; /* referral followed, break out of for loop */
921 LDAP_VFREE(refarray);
922 ldap_free_urllist(srv);
923 LDAP_FREE( *errstrp );
927 LDAP_FREE( unfollowed );
930 ld->ld_errno = LDAP_REFERRAL;
931 *errstrp = unfollowed;
937 * XXX merging of errors in this routine needs to be improved
940 ldap_chase_referrals( LDAP *ld,
948 char *p, *ref, *unfollowed;
949 LDAPRequest *origreq;
954 Debug( LDAP_DEBUG_TRACE, "ldap_chase_referrals\n", 0, 0, 0 );
956 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
959 if ( *errstrp == NULL ) {
963 len = strlen( *errstrp );
964 for ( p = *errstrp; len >= LDAP_REF_STR_LEN; ++p, --len ) {
965 if ( strncasecmp( p, LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) {
967 p += LDAP_REF_STR_LEN;
972 if ( len < LDAP_REF_STR_LEN ) {
976 if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
977 Debug( LDAP_DEBUG_ANY,
978 "more than %d referral hops (dropping)\n",
979 ld->ld_refhoplimit, 0, 0 );
980 /* XXX report as error in ld->ld_errno? */
984 /* find original request */
985 for ( origreq = lr; origreq->lr_parent != NULL;
986 origreq = origreq->lr_parent ) {
993 /* parse out & follow referrals */
994 for ( ref = p; rc == 0 && ref != NULL; ref = p ) {
995 if (( p = strchr( ref, '\n' )) != NULL ) {
1001 rc = ldap_url_parse_ext( ref, &srv );
1003 if ( rc != LDAP_URL_SUCCESS ) {
1004 Debug( LDAP_DEBUG_TRACE,
1005 "ignoring unknown referral <%s>\n", ref, 0, 0 );
1006 rc = ldap_append_referral( ld, &unfollowed, ref );
1011 if( srv->lud_dn != NULL && srv->lud_dn == '\0' ) {
1012 LDAP_FREE( srv->lud_dn );
1016 Debug( LDAP_DEBUG_TRACE,
1017 "chasing LDAP referral: <%s>\n", ref, 0, 0 );
1021 LDAP_NEXT_MSGID( ld, id );
1022 ber = re_encode_request( ld, origreq->lr_ber,
1023 id, sref, srv, &rinfo.ri_request );
1029 /* copy the complete referral for rebind process */
1030 rinfo.ri_url = LDAP_STRDUP( ref );
1032 rinfo.ri_msgid = origreq->lr_origid;
1034 #ifdef LDAP_R_COMPILE
1035 ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
1037 rc = ldap_send_server_request( ld, ber, id,
1038 lr, srv, NULL, &rinfo );
1039 #ifdef LDAP_R_COMPILE
1040 ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
1043 LDAP_FREE( rinfo.ri_url );
1048 Debug( LDAP_DEBUG_ANY,
1049 "Unable to chase referral (%s)\n",
1050 ldap_err2string( ld->ld_errno ), 0, 0 );
1051 rc = ldap_append_referral( ld, &unfollowed, ref );
1054 ldap_free_urllist(srv);
1057 LDAP_FREE( *errstrp );
1058 *errstrp = unfollowed;
1060 return(( rc == 0 ) ? count : rc );
1065 ldap_append_referral( LDAP *ld, char **referralsp, char *s )
1069 if ( *referralsp == NULL ) {
1071 *referralsp = (char *)LDAP_MALLOC( strlen( s ) + LDAP_REF_STR_LEN
1075 *referralsp = (char *)LDAP_REALLOC( *referralsp,
1076 strlen( *referralsp ) + strlen( s ) + 2 );
1079 if ( *referralsp == NULL ) {
1080 ld->ld_errno = LDAP_NO_MEMORY;
1085 strcpy( *referralsp, LDAP_REF_STR );
1087 strcat( *referralsp, "\n" );
1089 strcat( *referralsp, s );
1097 re_encode_request( LDAP *ld,
1098 BerElement *origber,
1105 * XXX this routine knows way too much about how the lber library works!
1113 BerElement tmpber, *ber;
1117 Debug( LDAP_DEBUG_TRACE,
1118 "re_encode_request: new msgid %ld, new dn <%s>\n",
1120 ( srv == NULL || srv->lud_dn == NULL) ? "NONE" : srv->lud_dn, 0 );
1125 * all LDAP requests are sequences that start with a message id.
1126 * For all except delete, this is followed by a sequence that is
1127 * tagged with the operation code. For delete, the provided DN
1128 * is not wrapped by a sequence.
1130 rtag = ber_scanf( &tmpber, "{it", /*}*/ &along, &tag );
1132 if ( rtag == LBER_ERROR ) {
1133 ld->ld_errno = LDAP_DECODING_ERROR;
1138 if ( tag == LDAP_REQ_BIND ) {
1139 /* bind requests have a version number before the DN & other stuff */
1140 rtag = ber_scanf( &tmpber, "{ia" /*}*/, &ver, &orig_dn );
1142 } else if ( tag == LDAP_REQ_DELETE ) {
1143 /* delete requests don't have a DN wrapping sequence */
1144 rtag = ber_scanf( &tmpber, "a", &orig_dn );
1146 } else if ( tag == LDAP_REQ_SEARCH ) {
1147 /* search requests need to be re-scope-ed */
1148 rtag = ber_scanf( &tmpber, "{ae" /*"}"*/, &orig_dn, &scope );
1150 if( srv->lud_scope != LDAP_SCOPE_DEFAULT ) {
1151 /* use the scope provided in reference */
1152 scope = srv->lud_scope;
1154 } else if ( sref ) {
1155 /* use scope implied by previous operation
1158 * subtree -> subtree
1159 * subordinate -> subtree
1163 case LDAP_SCOPE_BASE:
1164 case LDAP_SCOPE_ONELEVEL:
1165 scope = LDAP_SCOPE_BASE;
1167 case LDAP_SCOPE_SUBTREE:
1168 #ifdef LDAP_SCOPE_SUBORDINATE
1169 case LDAP_SCOPE_SUBORDINATE:
1171 scope = LDAP_SCOPE_SUBTREE;
1177 rtag = ber_scanf( &tmpber, "{a" /*}*/, &orig_dn );
1180 if( rtag == LBER_ERROR ) {
1181 ld->ld_errno = LDAP_DECODING_ERROR;
1185 if (( ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
1189 if ( srv->lud_dn == NULL ) {
1195 if ( tag == LDAP_REQ_BIND ) {
1196 rc = ber_printf( ber, "{it{is" /*}}*/, msgid, tag, ver, dn );
1197 } else if ( tag == LDAP_REQ_DELETE ) {
1198 rc = ber_printf( ber, "{itsN}", msgid, tag, dn );
1199 } else if ( tag == LDAP_REQ_SEARCH ) {
1200 rc = ber_printf( ber, "{it{se" /*}}*/, msgid, tag, dn, scope );
1202 rc = ber_printf( ber, "{it{s" /*}}*/, msgid, tag, dn );
1205 LDAP_FREE( orig_dn );
1208 ld->ld_errno = LDAP_ENCODING_ERROR;
1213 if ( tag != LDAP_REQ_DELETE && (
1214 ber_write(ber, tmpber.ber_ptr, ( tmpber.ber_end - tmpber.ber_ptr ), 0)
1215 != ( tmpber.ber_end - tmpber.ber_ptr ) ||
1216 ber_printf( ber, /*{{*/ "N}N}" ) == -1 ) )
1218 ld->ld_errno = LDAP_ENCODING_ERROR;
1224 if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
1225 Debug( LDAP_DEBUG_ANY, "re_encode_request new request is:\n",
1227 ber_log_dump( LDAP_DEBUG_BER, ldap_debug, ber, 0 );
1229 #endif /* LDAP_DEBUG */
1231 *type = tag; /* return request type */
1237 ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid )
1241 #ifdef LDAP_R_COMPILE
1242 ldap_pvt_thread_mutex_lock( &ld->ld_req_mutex );
1244 for ( lr = ld->ld_requests; lr != NULL; lr = lr->lr_next ) {
1245 if( lr->lr_status == LDAP_REQST_COMPLETED ) {
1246 continue; /* Skip completed requests */
1248 if ( msgid == lr->lr_msgid ) {
1252 #ifdef LDAP_R_COMPILE
1253 ldap_pvt_thread_mutex_unlock( &ld->ld_req_mutex );
projects / openldap / blob