3 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
7 * Copyright (c) 1995 Regents of the University of Michigan.
11 * This notice applies to changes, created by or for Novell, Inc.,
12 * to preexisting works for which notices appear elsewhere in this file.
14 * Copyright (C) 1999, 2000 Novell, Inc. All Rights Reserved.
16 * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND TREATIES.
17 * USE, MODIFICATION, AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO VERSION
18 * 2.0.1 OF THE OPENLDAP PUBLIC LICENSE, A COPY OF WHICH IS AVAILABLE AT
19 * HTTP://WWW.OPENLDAP.ORG/LICENSE.HTML OR IN THE FILE "LICENSE" IN THE
20 * TOP-LEVEL DIRECTORY OF THE DISTRIBUTION. ANY USE OR EXPLOITATION OF THIS
21 * WORK OTHER THAN AS AUTHORIZED IN VERSION 2.0.1 OF THE OPENLDAP PUBLIC
22 * LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT THE
23 * PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY.
25 * Modification to OpenLDAP source by Novell, Inc.
26 * April 2000 sfs Added code to chase V3 referrals
27 * request.c - sending of ldap requests; handling of referrals
29 /* Note: A verbatim copy of version 2.0.1 of the OpenLDAP Public License
30 * can be found in the file "build/LICENSE-2.0.1" in this distribution
31 * of OpenLDAP Software.
38 #include <ac/stdlib.h>
41 #include <ac/socket.h>
42 #include <ac/string.h>
44 #include <ac/unistd.h>
49 static LDAPConn *find_connection LDAP_P(( LDAP *ld, LDAPURLDesc *srv, int any ));
50 static void use_connection LDAP_P(( LDAP *ld, LDAPConn *lc ));
53 re_encode_request( LDAP *ld,
61 ldap_alloc_ber_with_options( LDAP *ld )
65 if (( ber = ber_alloc_t( ld->ld_lberoptions )) == NULL ) {
66 ld->ld_errno = LDAP_NO_MEMORY;
74 ldap_set_ber_options( LDAP *ld, BerElement *ber )
76 ber->ber_options = ld->ld_lberoptions;
81 ldap_send_initial_request(
91 LDAP_LOG ( OPERATION, ENTRY, "ldap_send_initial_request\n", 0, 0, 0 );
93 Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
96 if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, NULL ) == -1 ) {
97 /* not connected yet */
98 int rc = ldap_open_defconn( ld );
106 LDAP_LOG ( OPERATION, DETAIL1,
107 "ldap_send_initial_request: ldap_open_defconn: successful\n" ,
110 Debug( LDAP_DEBUG_TRACE,
111 "ldap_open_defconn: successful\n",
118 * use of DNS is turned off or this is an X.500 DN...
119 * use our default connection
124 #ifdef LDAP_CONNECTIONLESS
125 if (LDAP_IS_UDP(ld)) {
126 if (msgtype == LDAP_REQ_BIND) {
127 if (ld->ld_options.ldo_cldapdn)
128 ldap_memfree(ld->ld_options.ldo_cldapdn);
129 ld->ld_options.ldo_cldapdn = ldap_strdup(dn);
132 if (msgtype != LDAP_REQ_ABANDON && msgtype != LDAP_REQ_SEARCH)
133 return LDAP_PARAM_ERROR;
136 rc = ldap_send_server_request( ld, ber, ld->ld_msgid, NULL,
137 servers, NULL, NULL );
139 ldap_free_urllist(servers);
145 ldap_int_flush_request(
150 LDAPConn *lc = lr->lr_conn;
152 if ( ber_flush( lc->lconn_sb, lr->lr_ber, 0 ) != 0 ) {
153 if ( errno == EAGAIN ) {
154 /* need to continue write later */
155 lr->lr_status = LDAP_REQST_WRITING;
156 ldap_mark_select_write( ld, lc->lconn_sb );
157 ld->ld_errno = LDAP_BUSY;
160 ld->ld_errno = LDAP_SERVER_DOWN;
161 ldap_free_request( ld, lr );
162 ldap_free_connection( ld, lc, 0, 0 );
166 if ( lr->lr_parent == NULL ) {
167 lr->lr_ber->ber_end = lr->lr_ber->ber_ptr;
168 lr->lr_ber->ber_ptr = lr->lr_ber->ber_buf;
170 lr->lr_status = LDAP_REQST_INPROGRESS;
172 /* sent -- waiting for a response */
173 ldap_mark_select_read( ld, lc->lconn_sb );
179 ldap_send_server_request(
183 LDAPRequest *parentreq,
184 LDAPURLDesc *srvlist,
192 LDAP_LOG ( OPERATION, ENTRY, "ldap_send_server_request\n", 0, 0, 0 );
194 Debug( LDAP_DEBUG_TRACE, "ldap_send_server_request\n", 0, 0, 0 );
198 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
201 if ( srvlist == NULL ) {
204 if (( lc = find_connection( ld, srvlist, 1 )) ==
206 if ( (bind != NULL) && (parentreq != NULL) ) {
207 /* Remember the bind in the parent */
209 ++parentreq->lr_outrefcnt;
211 lc = ldap_new_connection( ld, srvlist, 0, 1, bind );
216 if ( lc == NULL || lc->lconn_status != LDAP_CONNST_CONNECTED ) {
218 if ( ld->ld_errno == LDAP_SUCCESS ) {
219 ld->ld_errno = LDAP_SERVER_DOWN;
222 /* Forget about the bind */
223 --parentreq->lr_outrefcnt;
228 use_connection( ld, lc );
230 /* If we still have an incomplete write, try to finish it before
231 * dealing with the new request. If we don't finish here, return
232 * LDAP_BUSY and let the caller retry later. We only allow a single
233 * request to be in WRITING state.
235 if ( ld->ld_requests &&
236 ld->ld_requests->lr_status == LDAP_REQST_WRITING &&
237 ldap_int_flush_request( ld, ld->ld_requests ) < 0 ) {
241 if (( lr = (LDAPRequest *)LDAP_CALLOC( 1, sizeof( LDAPRequest ))) ==
243 ld->ld_errno = LDAP_NO_MEMORY;
244 ldap_free_connection( ld, lc, 0, 0 );
247 /* Forget about the bind */
248 --parentreq->lr_outrefcnt;
252 lr->lr_msgid = msgid;
253 lr->lr_status = LDAP_REQST_INPROGRESS;
254 lr->lr_res_errno = LDAP_SUCCESS; /* optimistic */
257 if ( parentreq != NULL ) { /* sub-request */
259 /* Increment if we didn't do it before the bind */
260 ++parentreq->lr_outrefcnt;
262 lr->lr_origid = parentreq->lr_origid;
263 lr->lr_parentcnt = parentreq->lr_parentcnt + 1;
264 lr->lr_parent = parentreq;
265 lr->lr_refnext = parentreq->lr_child;
266 parentreq->lr_child = lr;
267 } else { /* original request */
268 lr->lr_origid = lr->lr_msgid;
271 if (( lr->lr_next = ld->ld_requests ) != NULL ) {
272 lr->lr_next->lr_prev = lr;
274 ld->ld_requests = lr;
277 if ( ldap_int_flush_request( ld, lr ) == -1 ) {
281 ld->ld_errno = LDAP_SUCCESS;
286 ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
287 int connect, LDAPreqinfo *bind )
294 LDAP_LOG ( OPERATION, ENTRY, "ldap_new_connection\n", 0, 0, 0 );
296 Debug( LDAP_DEBUG_TRACE, "ldap_new_connection\n", 0, 0, 0 );
299 * make a new LDAP server connection
300 * XXX open connection synchronously for now
302 if (( lc = (LDAPConn *)LDAP_CALLOC( 1, sizeof( LDAPConn ))) == NULL ||
303 ( !use_ldsb && ( (sb = ber_sockbuf_alloc()) == NULL ))) {
305 LDAP_FREE( (char *)lc );
307 ld->ld_errno = LDAP_NO_MEMORY;
311 lc->lconn_sb = ( use_ldsb ) ? ld->ld_sb : sb;
314 for ( srv = srvlist; srv != NULL; srv = srv->lud_next ) {
315 if ( ldap_int_open_connection( ld, lc, srv, 0 ) != -1 ) {
322 ber_sockbuf_free( lc->lconn_sb );
324 LDAP_FREE( (char *)lc );
325 ld->ld_errno = LDAP_SERVER_DOWN;
329 lc->lconn_server = ldap_url_dup(srv);
332 lc->lconn_status = LDAP_CONNST_CONNECTED;
333 lc->lconn_next = ld->ld_conns;
337 * XXX for now, we always do a synchronous bind. This will have
338 * to change in the long run...
342 LDAPConn *savedefconn;
344 /* Set flag to prevent additional referrals from being processed on this
345 * connection until the bind has completed
347 lc->lconn_rebind_inprogress = 1;
348 /* V3 rebind function */
349 if ( ld->ld_rebind_proc != NULL) {
350 LDAPURLDesc *srvfunc;
351 if( ( srvfunc = ldap_url_dup( srvlist)) == NULL) {
352 ld->ld_errno = LDAP_NO_MEMORY;
355 savedefconn = ld->ld_defconn;
356 ++lc->lconn_refcnt; /* avoid premature free */
360 LDAP_LOG ( OPERATION, DETAIL1,
361 "ldap_new_connection: Call application rebind_proc\n",
364 Debug( LDAP_DEBUG_TRACE, "Call application rebind_proc\n", 0, 0, 0);
366 err = (*ld->ld_rebind_proc)( ld,
367 bind->ri_url, bind->ri_request, bind->ri_msgid,
368 ld->ld_rebind_params );
370 ld->ld_defconn = savedefconn;
375 ldap_free_connection( ld, lc, 1, 0 );
378 ldap_free_urldesc( srvfunc);
381 savedefconn = ld->ld_defconn;
382 ++lc->lconn_refcnt; /* avoid premature free */
386 LDAP_LOG ( OPERATION, DETAIL1,
387 "ldap_new_connection: anonymous rebind via ldap_bind_s\n",
390 Debug( LDAP_DEBUG_TRACE, "anonymous rebind via ldap_bind_s\n", 0, 0, 0);
392 if ( ldap_bind_s( ld, "", "", LDAP_AUTH_SIMPLE ) != LDAP_SUCCESS ) {
395 ld->ld_defconn = savedefconn;
399 ldap_free_connection( ld, lc, 1, 0 );
404 lc->lconn_rebind_inprogress = 0;
412 find_connection( LDAP *ld, LDAPURLDesc *srv, int any )
414 * return an existing connection (if any) to the server srv
415 * if "any" is non-zero, check for any server in the "srv" chain
421 for ( lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next ) {
422 for ( ls = srv; ls != NULL; ls = ls->lud_next ) {
423 if ( lc->lconn_server->lud_host != NULL &&
424 *lc->lconn_server->lud_host != '\0' &&
425 ls->lud_host != NULL && *ls->lud_host != '\0' &&
426 strcasecmp( ls->lud_host, lc->lconn_server->lud_host ) == 0
427 && ls->lud_port == lc->lconn_server->lud_port ) {
442 use_connection( LDAP *ld, LDAPConn *lc )
445 lc->lconn_lastused = time( NULL );
450 ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind )
452 LDAPConn *tmplc, *prevlc;
455 LDAP_LOG ( OPERATION, ENTRY, "ldap_free_connection\n", 0, 0, 0 );
457 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection\n", 0, 0, 0 );
460 if ( force || --lc->lconn_refcnt <= 0 ) {
461 if ( lc->lconn_status == LDAP_CONNST_CONNECTED ) {
462 ldap_mark_select_clear( ld, lc->lconn_sb );
464 ldap_send_unbind( ld, lc->lconn_sb, NULL, NULL );
468 if( lc->lconn_ber != NULL ) {
469 ber_free( lc->lconn_ber, 1 );
472 ldap_int_sasl_close( ld, lc );
475 for ( tmplc = ld->ld_conns; tmplc != NULL;
476 tmplc = tmplc->lconn_next ) {
478 if ( prevlc == NULL ) {
479 ld->ld_conns = tmplc->lconn_next;
481 prevlc->lconn_next = tmplc->lconn_next;
487 ldap_free_urllist( lc->lconn_server );
488 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
489 if ( lc->lconn_krbinstance != NULL ) {
490 LDAP_FREE( lc->lconn_krbinstance );
493 if ( lc->lconn_sb != ld->ld_sb ) {
494 ber_sockbuf_free( lc->lconn_sb );
496 if( lc->lconn_rebind_queue != NULL) {
498 for( i = 0; lc->lconn_rebind_queue[i] != NULL; i++) {
499 LDAP_VFREE(lc->lconn_rebind_queue[i]);
501 LDAP_FREE( lc->lconn_rebind_queue);
505 LDAP_LOG ( OPERATION, RESULTS,
506 "ldap_free_connection: actually freed\n", 0, 0, 0 );
508 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: actually freed\n",
512 lc->lconn_lastused = time( NULL );
514 LDAP_LOG ( OPERATION, RESULTS, "ldap_free_connection: refcnt %d\n",
515 lc->lconn_refcnt, 0, 0 );
517 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: refcnt %d\n",
518 lc->lconn_refcnt, 0, 0 );
526 ldap_dump_connection( LDAP *ld, LDAPConn *lconns, int all )
531 fprintf( stderr, "** Connection%s:\n", all ? "s" : "" );
532 for ( lc = lconns; lc != NULL; lc = lc->lconn_next ) {
533 if ( lc->lconn_server != NULL ) {
534 fprintf( stderr, "* host: %s port: %d%s\n",
535 ( lc->lconn_server->lud_host == NULL ) ? "(null)"
536 : lc->lconn_server->lud_host,
537 lc->lconn_server->lud_port, ( lc->lconn_sb ==
538 ld->ld_sb ) ? " (default)" : "" );
540 fprintf( stderr, " refcnt: %d status: %s\n", lc->lconn_refcnt,
541 ( lc->lconn_status == LDAP_CONNST_NEEDSOCKET ) ?
542 "NeedSocket" : ( lc->lconn_status ==
543 LDAP_CONNST_CONNECTING ) ? "Connecting" : "Connected" );
544 fprintf( stderr, " last used: %s",
545 ldap_pvt_ctime( &lc->lconn_lastused, timebuf ));
546 if( lc->lconn_rebind_inprogress ) {
547 fprintf( stderr, " rebind in progress\n");
548 if( lc->lconn_rebind_queue != NULL) {
550 for( ;lc->lconn_rebind_queue[i] != NULL; i++) {
552 for( ;lc->lconn_rebind_queue[i][j] != 0; j++) {
553 fprintf( stderr, " queue %d entry %d - %s\n",
554 i, j, lc->lconn_rebind_queue[i][j]);
558 fprintf( stderr, " queue is empty\n");
561 fprintf(stderr, "\n");
570 ldap_dump_requests_and_responses( LDAP *ld )
575 fprintf( stderr, "** Outstanding Requests:\n" );
576 if (( lr = ld->ld_requests ) == NULL ) {
577 fprintf( stderr, " Empty\n" );
579 for ( ; lr != NULL; lr = lr->lr_next ) {
580 fprintf( stderr, " * msgid %d, origid %d, status %s\n",
581 lr->lr_msgid, lr->lr_origid,
582 ( lr->lr_status == LDAP_REQST_INPROGRESS ) ? "InProgress" :
583 ( lr->lr_status == LDAP_REQST_CHASINGREFS ) ? "ChasingRefs" :
584 ( lr->lr_status == LDAP_REQST_NOTCONNECTED ) ? "NotConnected" :
585 ( lr->lr_status == LDAP_REQST_WRITING) ? "Writing" :
586 ( lr->lr_status == LDAP_REQST_COMPLETED ? "Request Completed" : "Invalid Status"));
587 fprintf( stderr, " outstanding referrals %d, parent count %d\n",
588 lr->lr_outrefcnt, lr->lr_parentcnt );
591 fprintf( stderr, "** Response Queue:\n" );
592 if (( lm = ld->ld_responses ) == NULL ) {
593 fprintf( stderr, " Empty\n" );
595 for ( ; lm != NULL; lm = lm->lm_next ) {
596 fprintf( stderr, " * msgid %d, type %lu\n",
597 lm->lm_msgid, (unsigned long) lm->lm_msgtype );
598 if (( l = lm->lm_chain ) != NULL ) {
599 fprintf( stderr, " chained responses:\n" );
600 for ( ; l != NULL; l = l->lm_chain ) {
602 " * msgid %d, type %lu\n",
604 (unsigned long) l->lm_msgtype );
609 #endif /* LDAP_DEBUG */
612 ldap_free_request_int( LDAP *ld, LDAPRequest *lr )
614 if ( lr->lr_prev == NULL ) {
615 ld->ld_requests = lr->lr_next;
617 lr->lr_prev->lr_next = lr->lr_next;
620 if ( lr->lr_next != NULL ) {
621 lr->lr_next->lr_prev = lr->lr_prev;
624 if ( lr->lr_ber != NULL ) {
625 ber_free( lr->lr_ber, 1 );
628 if ( lr->lr_res_error != NULL ) {
629 LDAP_FREE( lr->lr_res_error );
632 if ( lr->lr_res_matched != NULL ) {
633 LDAP_FREE( lr->lr_res_matched );
640 ldap_free_request( LDAP *ld, LDAPRequest *lr )
642 LDAPRequest **ttmplr;
645 LDAP_LOG ( OPERATION, ARGS, "ldap_free_request (origid %d, msgid %d)\n",
646 lr->lr_origid, lr->lr_msgid, 0 );
648 Debug( LDAP_DEBUG_TRACE, "ldap_free_request (origid %d, msgid %d)\n",
649 lr->lr_origid, lr->lr_msgid, 0 );
652 /* free all referrals (child requests) */
653 while ( lr->lr_child )
654 ldap_free_request( ld, lr->lr_child );
656 if ( lr->lr_parent != NULL ) {
657 --lr->lr_parent->lr_outrefcnt;
658 for ( ttmplr = &lr->lr_parent->lr_child; *ttmplr && *ttmplr != lr; ttmplr = &(*ttmplr)->lr_refnext );
660 *ttmplr = lr->lr_refnext;
662 ldap_free_request_int( ld, lr );
670 * (IN) ld = LDAP connection handle
671 * (IN) lr = LDAP Request structure
672 * (IN) refs = array of pointers to referral strings that we will chase
673 * The array will be free'd by this function when no longer needed
674 * (IN) sref != 0 if following search reference
675 * (OUT) errstrp = Place to return a string of referrals which could not be followed
676 * (OUT) hadrefp = 1 if sucessfully followed referral
678 * Return value - number of referrals followed
681 ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, int sref, char **errstrp, int *hadrefp )
684 int unfollowedcnt = 0;
685 LDAPRequest *origreq;
686 LDAPURLDesc *srv = NULL;
688 char **refarray = NULL;
693 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
697 LDAP_LOG ( OPERATION, ENTRY, "ldap_chase_v3referrals\n", 0, 0, 0 );
699 Debug( LDAP_DEBUG_TRACE, "ldap_chase_v3referrals\n", 0, 0, 0 );
705 /* If no referrals in array, return */
706 if ( (refs == NULL) || ( (refs)[0] == NULL) ) {
711 /* Check for hop limit exceeded */
712 if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
714 LDAP_LOG ( OPERATION, DETAIL1,
715 "ldap_chase_v3referrals: more than %d referral hops (dropping)\n",
716 ld->ld_refhoplimit, 0, 0 );
718 Debug( LDAP_DEBUG_ANY,
719 "more than %d referral hops (dropping)\n", ld->ld_refhoplimit, 0, 0 );
721 ld->ld_errno = LDAP_REFERRAL_LIMIT_EXCEEDED;
726 /* find original request */
728 origreq->lr_parent != NULL;
729 origreq = origreq->lr_parent )
736 /* parse out & follow referrals */
737 for( i=0; refarray[i] != NULL; i++) {
738 /* Parse the referral URL */
739 if (( rc = ldap_url_parse_ext( refarray[i], &srv)) != LDAP_SUCCESS) {
745 if( srv->lud_crit_exts ) {
746 /* we do not support any extensions */
747 ld->ld_errno = LDAP_NOT_SUPPORTED;
752 /* treat ldap://hostpart and ldap://hostpart/ the same */
753 if ( srv->lud_dn && srv->lud_dn[0] == '\0' ) {
754 LDAP_FREE( srv->lud_dn );
758 /* check connection for re-bind in progress */
759 if (( lc = find_connection( ld, srv, 1 )) != NULL ) {
760 if( lc->lconn_rebind_inprogress) {
761 /* We are already chasing a referral or search reference and a
762 * bind on that connection is in progress. We must queue
763 * referrals on that connection, so we don't get a request
764 * going out before the bind operation completes. This happens
765 * if two search references come in one behind the other
766 * for the same server with different contexts.
769 LDAP_LOG ( OPERATION, DETAIL1,
770 "ldap_chase_v3referrals: queue referral \"%s\"\n",
773 Debug( LDAP_DEBUG_TRACE,
774 "ldap_chase_v3referrals: queue referral \"%s\"\n",
777 if( lc->lconn_rebind_queue == NULL ) {
778 /* Create a referral list */
779 lc->lconn_rebind_queue =
780 (char ***) LDAP_MALLOC( sizeof(void *) * 2);
782 if( lc->lconn_rebind_queue == NULL) {
783 ld->ld_errno = LDAP_NO_MEMORY;
788 lc->lconn_rebind_queue[0] = refarray;
789 lc->lconn_rebind_queue[1] = NULL;
793 /* Count how many referral arrays we already have */
794 for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) {
798 /* Add the new referral to the list */
799 lc->lconn_rebind_queue = (char ***) LDAP_REALLOC(
800 lc->lconn_rebind_queue, sizeof(void *) * (j + 2));
802 if( lc->lconn_rebind_queue == NULL ) {
803 ld->ld_errno = LDAP_NO_MEMORY;
807 lc->lconn_rebind_queue[j] = refarray;
808 lc->lconn_rebind_queue[j+1] = NULL;
812 /* We have queued the referral/reference, now just return */
815 count = 1; /* Pretend we already followed referral */
819 /* Re-encode the request with the new starting point of the search.
820 * Note: In the future we also need to replace the filter if one
821 * was provided with the search reference
824 /* For references we don't want old dn if new dn empty */
825 if ( sref && srv->lud_dn == NULL ) {
826 srv->lud_dn = LDAP_STRDUP( "" );
829 ber = re_encode_request( ld, origreq->lr_ber, ++ld->ld_msgid,
830 sref, srv, &rinfo.ri_request );
833 ld->ld_errno = LDAP_ENCODING_ERROR;
839 LDAP_LOG ( OPERATION, DETAIL1,
840 "ldap_chase_v3referrals: msgid %d, url \"%s\"\n",
841 lr->lr_msgid, refarray[i], 0 );
843 Debug( LDAP_DEBUG_TRACE,
844 "ldap_chase_v3referral: msgid %d, url \"%s\"\n",
845 lr->lr_msgid, refarray[i], 0);
848 /* Send the new request to the server - may require a bind */
849 rinfo.ri_msgid = origreq->lr_origid;
850 rinfo.ri_url = refarray[i];
851 if ( (rc = ldap_send_server_request( ld, ber, ld->ld_msgid,
852 origreq, srv, NULL, &rinfo )) < 0 ) {
853 /* Failure, try next referral in the list */
855 LDAP_LOG ( OPERATION, ERR,
856 "ldap_chase_v3referrals: Unable to chase referral \"%s\" (%s)\n",
857 refarray[i], ldap_err2string( ld->ld_errno ), 0 );
859 Debug( LDAP_DEBUG_ANY, "Unable to chase referral \"%s\" (%s)\n",
860 refarray[i], ldap_err2string( ld->ld_errno ), 0);
862 unfollowedcnt += ldap_append_referral( ld, &unfollowed, refarray[i]);
863 ldap_free_urllist(srv);
866 /* Success, no need to try this referral list further */
871 /* check if there is a queue of referrals that came in during bind */
873 if (( lc = find_connection( ld, srv, 1 )) == NULL ) {
874 ld->ld_errno = LDAP_OPERATIONS_ERROR;
880 if( lc->lconn_rebind_queue != NULL) {
881 /* Release resources of previous list */
882 LDAP_VFREE(refarray);
884 ldap_free_urllist(srv);
887 /* Pull entries off end of queue so list always null terminated */
888 for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) {
891 refarray = lc->lconn_rebind_queue[j-1];
892 lc->lconn_rebind_queue[j-1] = NULL;
893 /* we pulled off last entry from queue, free queue */
895 LDAP_FREE( lc->lconn_rebind_queue);
896 lc->lconn_rebind_queue = NULL;
898 /* restart the loop the with new referral list */
902 break; /* referral followed, break out of for loop */
906 LDAP_VFREE(refarray);
907 ldap_free_urllist(srv);
908 LDAP_FREE( *errstrp );
912 LDAP_FREE( unfollowed );
915 ld->ld_errno = LDAP_REFERRAL;
916 *errstrp = unfollowed;
922 * XXX merging of errors in this routine needs to be improved
925 ldap_chase_referrals( LDAP *ld,
933 char *p, *ref, *unfollowed;
934 LDAPRequest *origreq;
940 LDAP_LOG ( OPERATION, ENTRY, "ldap_chase_referrals\n", 0, 0, 0 );
942 Debug( LDAP_DEBUG_TRACE, "ldap_chase_referrals\n", 0, 0, 0 );
945 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
948 if ( *errstrp == NULL ) {
952 len = strlen( *errstrp );
953 for ( p = *errstrp; len >= LDAP_REF_STR_LEN; ++p, --len ) {
954 if ( strncasecmp( p, LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) {
956 p += LDAP_REF_STR_LEN;
961 if ( len < LDAP_REF_STR_LEN ) {
965 if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
967 LDAP_LOG ( OPERATION, ENTRY,
968 "ldap_chase_referrals: more than %d referral hops (dropping)\n",
969 ld->ld_refhoplimit, 0, 0 );
971 Debug( LDAP_DEBUG_ANY,
972 "more than %d referral hops (dropping)\n",
973 ld->ld_refhoplimit, 0, 0 );
975 /* XXX report as error in ld->ld_errno? */
979 /* find original request */
980 for ( origreq = lr; origreq->lr_parent != NULL;
981 origreq = origreq->lr_parent ) {
988 /* parse out & follow referrals */
989 for ( ref = p; rc == 0 && ref != NULL; ref = p ) {
990 if (( p = strchr( ref, '\n' )) != NULL ) {
996 rc = ldap_url_parse_ext( ref, &srv );
998 if ( rc != LDAP_URL_SUCCESS ) {
1000 LDAP_LOG ( OPERATION, DETAIL1,
1001 "ldap_chase_referrals: ignoring unknown referral <%s>\n",
1004 Debug( LDAP_DEBUG_TRACE,
1005 "ignoring unknown referral <%s>\n", ref, 0, 0 );
1007 rc = ldap_append_referral( ld, &unfollowed, ref );
1012 if( srv->lud_dn != NULL && srv->lud_dn == '\0' ) {
1013 LDAP_FREE( srv->lud_dn );
1018 LDAP_LOG ( OPERATION, DETAIL1,
1019 "ldap_chase_referrals: chasing LDAP referral <%s>\n", ref, 0, 0 );
1021 Debug( LDAP_DEBUG_TRACE,
1022 "chasing LDAP referral: <%s>\n", ref, 0, 0 );
1027 ber = re_encode_request( ld, origreq->lr_ber,
1028 ++ld->ld_msgid, sref, srv, &rinfo.ri_request );
1034 /* copy the complete referral for rebind process */
1035 rinfo.ri_url = LDAP_STRDUP( ref );
1037 rinfo.ri_msgid = origreq->lr_origid;
1039 rc = ldap_send_server_request( ld, ber, ld->ld_msgid,
1040 lr, srv, NULL, &rinfo );
1042 LDAP_FREE( rinfo.ri_url );
1048 LDAP_LOG ( OPERATION, ERR,
1049 "ldap_chase_referrals: Unable to chase referral <%s>\n",
1050 ldap_err2string( ld->ld_errno), 0, 0 );
1052 Debug( LDAP_DEBUG_ANY,
1053 "Unable to chase referral (%s)\n",
1054 ldap_err2string( ld->ld_errno ), 0, 0 );
1056 rc = ldap_append_referral( ld, &unfollowed, ref );
1059 ldap_free_urllist(srv);
1062 LDAP_FREE( *errstrp );
1063 *errstrp = unfollowed;
1065 return(( rc == 0 ) ? count : rc );
1070 ldap_append_referral( LDAP *ld, char **referralsp, char *s )
1074 if ( *referralsp == NULL ) {
1076 *referralsp = (char *)LDAP_MALLOC( strlen( s ) + LDAP_REF_STR_LEN
1080 *referralsp = (char *)LDAP_REALLOC( *referralsp,
1081 strlen( *referralsp ) + strlen( s ) + 2 );
1084 if ( *referralsp == NULL ) {
1085 ld->ld_errno = LDAP_NO_MEMORY;
1090 strcpy( *referralsp, LDAP_REF_STR );
1092 strcat( *referralsp, "\n" );
1094 strcat( *referralsp, s );
1102 re_encode_request( LDAP *ld,
1103 BerElement *origber,
1110 * XXX this routine knows way too much about how the lber library works!
1118 BerElement tmpber, *ber;
1123 LDAP_LOG ( OPERATION, ARGS,
1124 "re_encode_request: new msgid %ld, new dn <%s>\n",
1126 ( srv == NULL || srv->lud_dn == NULL ) ? "NONE" : srv->lud_dn, 0 );
1128 Debug( LDAP_DEBUG_TRACE,
1129 "re_encode_request: new msgid %ld, new dn <%s>\n",
1131 ( srv == NULL || srv->lud_dn == NULL) ? "NONE" : srv->lud_dn, 0 );
1137 * all LDAP requests are sequences that start with a message id.
1138 * For all except delete, this is followed by a sequence that is
1139 * tagged with the operation code. For delete, the provided DN
1140 * is not wrapped by a sequence.
1142 rtag = ber_scanf( &tmpber, "{it", /*}*/ &along, &tag );
1144 if ( rtag == LBER_ERROR ) {
1145 ld->ld_errno = LDAP_DECODING_ERROR;
1150 if ( tag == LDAP_REQ_BIND ) {
1151 /* bind requests have a version number before the DN & other stuff */
1152 rtag = ber_scanf( &tmpber, "{ia" /*}*/, &ver, &orig_dn );
1154 } else if ( tag == LDAP_REQ_DELETE ) {
1155 /* delete requests don't have a DN wrapping sequence */
1156 rtag = ber_scanf( &tmpber, "a", &orig_dn );
1158 } else if ( tag == LDAP_REQ_SEARCH ) {
1159 /* search requests need to be re-scope-ed */
1160 rtag = ber_scanf( &tmpber, "{ae" /*"}"*/, &orig_dn, &scope );
1162 if( srv->lud_scope != LDAP_SCOPE_DEFAULT ) {
1163 /* use the scope provided in reference */
1164 scope = srv->lud_scope;
1166 } else if ( sref && scope != LDAP_SCOPE_SUBTREE ) {
1167 /* use scope implied by previous operation */
1170 /* subtree -> subtree */
1171 scope = LDAP_SCOPE_BASE;
1175 rtag = ber_scanf( &tmpber, "{a" /*}*/, &orig_dn );
1178 if( rtag == LBER_ERROR ) {
1179 ld->ld_errno = LDAP_DECODING_ERROR;
1183 if (( ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
1187 if ( srv->lud_dn == NULL ) {
1193 if ( tag == LDAP_REQ_BIND ) {
1194 rc = ber_printf( ber, "{it{is" /*}}*/, msgid, tag, ver, dn );
1195 } else if ( tag == LDAP_REQ_DELETE ) {
1196 rc = ber_printf( ber, "{itsN}", msgid, tag, dn );
1197 } else if ( tag == LDAP_REQ_SEARCH ) {
1198 rc = ber_printf( ber, "{it{se" /*}}*/, msgid, tag, dn, scope );
1200 rc = ber_printf( ber, "{it{s" /*}}*/, msgid, tag, dn );
1203 LDAP_FREE( orig_dn );
1206 ld->ld_errno = LDAP_ENCODING_ERROR;
1211 if ( tag != LDAP_REQ_DELETE && (
1212 ber_write(ber, tmpber.ber_ptr, ( tmpber.ber_end - tmpber.ber_ptr ), 0)
1213 != ( tmpber.ber_end - tmpber.ber_ptr ) ||
1214 ber_printf( ber, /*{{*/ "N}N}" ) == -1 ) )
1216 ld->ld_errno = LDAP_ENCODING_ERROR;
1222 if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
1224 LDAP_LOG ( OPERATION, DETAIL1,
1225 "re_encode_request: new request is:\n", 0, 0, 0 );
1227 Debug( LDAP_DEBUG_ANY, "re_encode_request new request is:\n",
1230 ber_log_dump( LDAP_DEBUG_BER, ldap_debug, ber, 0 );
1232 #endif /* LDAP_DEBUG */
1234 *type = tag; /* return request type */
1240 ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid )
1244 for ( lr = ld->ld_requests; lr != NULL; lr = lr->lr_next ) {
1245 if( lr->lr_status == LDAP_REQST_COMPLETED ) {
1246 continue; /* Skip completed requests */
1248 if ( msgid == lr->lr_msgid ) {
projects / openldap / blob