3 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
7 * Copyright (c) 1995 Regents of the University of Michigan.
10 * request.c - sending of ldap requests; handling of referrals
17 #include <ac/stdlib.h>
20 #include <ac/socket.h>
21 #include <ac/string.h>
23 #include <ac/unistd.h>
28 static LDAPConn *find_connection LDAP_P(( LDAP *ld, LDAPURLDesc *srv, int any ));
29 static void use_connection LDAP_P(( LDAP *ld, LDAPConn *lc ));
31 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
32 static LDAPURLDesc *dn2servers LDAP_P(( LDAP *ld, const char *dn ));
33 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
35 static BerElement *re_encode_request LDAP_P((
43 ldap_alloc_ber_with_options( LDAP *ld )
47 if (( ber = ber_alloc_t( ld->ld_lberoptions )) == NULL ) {
48 ld->ld_errno = LDAP_NO_MEMORY;
49 #ifdef STR_TRANSLATION
51 ldap_set_ber_options( ld, ber );
52 #endif /* STR_TRANSLATION */
60 ldap_set_ber_options( LDAP *ld, BerElement *ber )
62 ber->ber_options = ld->ld_lberoptions;
63 #ifdef STR_TRANSLATION
64 if (( ld->ld_lberoptions & LBER_TRANSLATE_STRINGS ) != 0 ) {
65 ber_set_string_translators( ber,
66 ld->ld_lber_encode_translate_proc,
67 ld->ld_lber_decode_translate_proc );
69 #endif /* STR_TRANSLATION */
74 ldap_send_initial_request(
83 Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
85 if ( ! ber_pvt_sb_in_use(&ld->ld_sb ) ) {
86 /* not connected yet */
87 int rc = ldap_open_defconn( ld );
94 Debug( LDAP_DEBUG_TRACE,
95 "ldap_delayed_open successful, ld_host is %s\n",
96 ( ld->ld_host == NULL ) ? "(null)" : ld->ld_host, 0, 0 );
100 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
101 if ( LDAP_BOOL_GET(&ld->ld_options, LDAP_BOOL_DNS )
102 && ldap_is_dns_dn( dn ) )
104 if (( servers = dn2servers( ld, dn )) == NULL ) {
110 if ( ldap_debug & LDAP_DEBUG_TRACE ) {
115 srv = srv->lud_next )
118 "LDAP server %s: dn %s, port %d\n",
119 srv->lud_host, ( srv->lud_dn == NULL ) ?
120 "(default)" : srv->lud_dn,
124 #endif /* LDAP_DEBUG */
126 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
129 * use of DNS is turned off or this is an X.500 DN...
130 * use our default connection
135 rc = ldap_send_server_request( ld, ber, ld->ld_msgid, NULL,
138 ldap_free_urllist(servers);
145 ldap_send_server_request(
149 LDAPRequest *parentreq,
150 LDAPURLDesc *srvlist,
157 Debug( LDAP_DEBUG_TRACE, "ldap_send_server_request\n", 0, 0, 0 );
160 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
163 if ( srvlist == NULL ) {
166 if (( lc = find_connection( ld, srvlist, 1 )) ==
168 if ( bind && (parentreq != NULL) ) {
169 /* Remember the bind in the parent */
171 ++parentreq->lr_outrefcnt;
173 lc = ldap_new_connection( ld, srvlist, 0, 1, bind );
178 if ( lc == NULL || lc->lconn_status != LDAP_CONNST_CONNECTED ) {
180 if ( ld->ld_errno == LDAP_SUCCESS ) {
181 ld->ld_errno = LDAP_SERVER_DOWN;
184 /* Forget about the bind */
185 --parentreq->lr_outrefcnt;
190 use_connection( ld, lc );
191 if (( lr = (LDAPRequest *)LDAP_CALLOC( 1, sizeof( LDAPRequest ))) ==
193 ld->ld_errno = LDAP_NO_MEMORY;
194 ldap_free_connection( ld, lc, 0, 0 );
197 /* Forget about the bind */
198 --parentreq->lr_outrefcnt;
202 lr->lr_msgid = msgid;
203 lr->lr_status = LDAP_REQST_INPROGRESS;
204 lr->lr_res_errno = LDAP_SUCCESS; /* optimistic */
207 if ( parentreq != NULL ) { /* sub-request */
209 /* Increment if we didn't do it before the bind */
210 ++parentreq->lr_outrefcnt;
212 lr->lr_origid = parentreq->lr_origid;
213 lr->lr_parentcnt = parentreq->lr_parentcnt + 1;
214 lr->lr_parent = parentreq;
215 lr->lr_refnext = parentreq->lr_refnext;
216 parentreq->lr_refnext = lr;
217 } else { /* original request */
218 lr->lr_origid = lr->lr_msgid;
221 if (( lr->lr_next = ld->ld_requests ) != NULL ) {
222 lr->lr_next->lr_prev = lr;
224 ld->ld_requests = lr;
227 if ( ber_flush( lc->lconn_sb, ber, 0 ) != 0 ) {
229 if ( errno == EWOULDBLOCK ) {
230 /* need to continue write later */
231 lr->lr_status = LDAP_REQST_WRITING;
232 ldap_mark_select_write( ld, lc->lconn_sb );
235 ld->ld_errno = LDAP_SERVER_DOWN;
236 ldap_free_request( ld, lr );
237 ldap_free_connection( ld, lc, 0, 0 );
244 if ( parentreq == NULL ) {
245 ber->ber_end = ber->ber_ptr;
246 ber->ber_ptr = ber->ber_buf;
249 /* sent -- waiting for a response */
250 ldap_mark_select_read( ld, lc->lconn_sb );
253 ld->ld_errno = LDAP_SUCCESS;
259 ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
260 int connect, int bind )
267 * make a new LDAP server connection
268 * XXX open connection synchronously for now
270 if (( lc = (LDAPConn *)LDAP_CALLOC( 1, sizeof( LDAPConn ))) == NULL ||
271 ( !use_ldsb && ( (sb = ber_sockbuf_alloc()) == NULL ))) {
273 LDAP_FREE( (char *)lc );
275 ld->ld_errno = LDAP_NO_MEMORY;
279 lc->lconn_sb = ( use_ldsb ) ? &ld->ld_sb : sb;
282 for ( srv = srvlist; srv != NULL; srv = srv->lud_next ) {
283 if ( open_ldap_connection( ld, lc->lconn_sb,
284 srv, &lc->lconn_krbinstance, 0 ) != -1 )
292 ber_sockbuf_free( lc->lconn_sb );
294 LDAP_FREE( (char *)lc );
295 ld->ld_errno = LDAP_SERVER_DOWN;
299 lc->lconn_server = ldap_url_dup(srv);
302 lc->lconn_status = LDAP_CONNST_CONNECTED;
303 lc->lconn_next = ld->ld_conns;
307 * XXX for now, we always do a synchronous bind. This will have
308 * to change in the long run...
311 int err, freepasswd, authmethod;
312 char *binddn, *passwd;
313 LDAPConn *savedefconn;
315 freepasswd = err = 0;
317 if ( ld->ld_rebindproc == 0 ) {
318 binddn = passwd = "";
319 authmethod = LDAP_AUTH_SIMPLE;
321 if (( err = (*ld->ld_rebindproc)( ld, &binddn, &passwd,
322 &authmethod, 0 )) == LDAP_SUCCESS ) {
332 savedefconn = ld->ld_defconn;
334 ++lc->lconn_refcnt; /* avoid premature free */
336 if ( ldap_bind_s( ld, binddn, passwd, authmethod ) !=
341 ld->ld_defconn = savedefconn;
345 (*ld->ld_rebindproc)( ld, &binddn, &passwd,
350 ldap_free_connection( ld, lc, 1, 0 );
360 find_connection( LDAP *ld, LDAPURLDesc *srv, int any )
362 * return an existing connection (if any) to the server srv
363 * if "any" is non-zero, check for any server in the "srv" chain
369 for ( lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next ) {
370 for ( ls = srv; ls != NULL; ls = ls->lud_next ) {
371 if ( lc->lconn_server->lud_host != NULL &&
372 ls->lud_host != NULL && strcasecmp(
373 ls->lud_host, lc->lconn_server->lud_host ) == 0
374 && ls->lud_port == lc->lconn_server->lud_port ) {
389 use_connection( LDAP *ld, LDAPConn *lc )
392 lc->lconn_lastused = time( NULL );
397 ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind )
399 LDAPConn *tmplc, *prevlc;
401 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection\n", 0, 0, 0 );
403 if ( force || --lc->lconn_refcnt <= 0 ) {
404 if ( lc->lconn_status == LDAP_CONNST_CONNECTED ) {
405 ldap_mark_select_clear( ld, lc->lconn_sb );
407 ldap_send_unbind( ld, lc->lconn_sb, NULL, NULL );
412 ldap_close_connection( lc->lconn_sb );
413 ber_pvt_sb_destroy( lc->lconn_sb );
415 if( lc->lconn_ber != NULL ) {
416 ber_free( lc->lconn_ber, 1 );
420 for ( tmplc = ld->ld_conns; tmplc != NULL;
421 tmplc = tmplc->lconn_next ) {
423 if ( prevlc == NULL ) {
424 ld->ld_conns = tmplc->lconn_next;
426 prevlc->lconn_next = tmplc->lconn_next;
432 ldap_free_urllist( lc->lconn_server );
433 if ( lc->lconn_krbinstance != NULL ) {
434 LDAP_FREE( lc->lconn_krbinstance );
436 if ( lc->lconn_sb != &ld->ld_sb ) {
437 ber_sockbuf_free( lc->lconn_sb );
440 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: actually freed\n",
443 lc->lconn_lastused = time( NULL );
444 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: refcnt %d\n",
445 lc->lconn_refcnt, 0, 0 );
452 ldap_dump_connection( LDAP *ld, LDAPConn *lconns, int all )
457 fprintf( stderr, "** Connection%s:\n", all ? "s" : "" );
458 for ( lc = lconns; lc != NULL; lc = lc->lconn_next ) {
459 if ( lc->lconn_server != NULL ) {
460 fprintf( stderr, "* host: %s port: %d%s\n",
461 ( lc->lconn_server->lud_host == NULL ) ? "(null)"
462 : lc->lconn_server->lud_host,
463 lc->lconn_server->lud_port, ( lc->lconn_sb ==
464 &ld->ld_sb ) ? " (default)" : "" );
466 fprintf( stderr, " refcnt: %d status: %s\n", lc->lconn_refcnt,
467 ( lc->lconn_status == LDAP_CONNST_NEEDSOCKET ) ?
468 "NeedSocket" : ( lc->lconn_status ==
469 LDAP_CONNST_CONNECTING ) ? "Connecting" : "Connected" );
470 fprintf( stderr, " last used: %s\n",
471 ldap_pvt_ctime( &lc->lconn_lastused, timebuf ));
480 ldap_dump_requests_and_responses( LDAP *ld )
485 fprintf( stderr, "** Outstanding Requests:\n" );
486 if (( lr = ld->ld_requests ) == NULL ) {
487 fprintf( stderr, " Empty\n" );
489 for ( ; lr != NULL; lr = lr->lr_next ) {
490 fprintf( stderr, " * msgid %d, origid %d, status %s\n",
491 lr->lr_msgid, lr->lr_origid, ( lr->lr_status ==
492 LDAP_REQST_INPROGRESS ) ? "InProgress" :
493 ( lr->lr_status == LDAP_REQST_CHASINGREFS ) ? "ChasingRefs" :
494 ( lr->lr_status == LDAP_REQST_NOTCONNECTED ) ? "NotConnected" :
496 fprintf( stderr, " outstanding referrals %d, parent count %d\n",
497 lr->lr_outrefcnt, lr->lr_parentcnt );
500 fprintf( stderr, "** Response Queue:\n" );
501 if (( lm = ld->ld_responses ) == NULL ) {
502 fprintf( stderr, " Empty\n" );
504 for ( ; lm != NULL; lm = lm->lm_next ) {
505 fprintf( stderr, " * msgid %d, type %lu\n",
506 lm->lm_msgid, (unsigned long) lm->lm_msgtype );
507 if (( l = lm->lm_chain ) != NULL ) {
508 fprintf( stderr, " chained responses:\n" );
509 for ( ; l != NULL; l = l->lm_chain ) {
511 " * msgid %d, type %lu\n",
513 (unsigned long) l->lm_msgtype );
518 #endif /* LDAP_DEBUG */
522 ldap_free_request( LDAP *ld, LDAPRequest *lr )
524 LDAPRequest *tmplr, *nextlr;
526 Debug( LDAP_DEBUG_TRACE, "ldap_free_request (origid %d, msgid %d)\n",
527 lr->lr_origid, lr->lr_msgid, 0 );
529 if ( lr->lr_parent != NULL ) {
530 --lr->lr_parent->lr_outrefcnt;
532 /* free all referrals (child requests) */
533 for ( tmplr = lr->lr_refnext; tmplr != NULL; tmplr = nextlr ) {
534 nextlr = tmplr->lr_refnext;
535 ldap_free_request( ld, tmplr );
539 if ( lr->lr_prev == NULL ) {
540 ld->ld_requests = lr->lr_next;
542 lr->lr_prev->lr_next = lr->lr_next;
545 if ( lr->lr_next != NULL ) {
546 lr->lr_next->lr_prev = lr->lr_prev;
549 if ( lr->lr_ber != NULL ) {
550 ber_free( lr->lr_ber, 1 );
553 if ( lr->lr_res_error != NULL ) {
554 LDAP_FREE( lr->lr_res_error );
557 if ( lr->lr_res_matched != NULL ) {
558 LDAP_FREE( lr->lr_res_matched );
566 * XXX merging of errors in this routine needs to be improved
569 ldap_chase_referrals( LDAP *ld, LDAPRequest *lr, char **errstrp, int *hadrefp )
571 int rc, count, len, newdn;
572 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
574 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
575 char *p, *ports, *ref, *tmpref, *refdn, *unfollowed;
576 LDAPRequest *origreq;
580 Debug( LDAP_DEBUG_TRACE, "ldap_chase_referrals\n", 0, 0, 0 );
582 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
585 if ( *errstrp == NULL ) {
589 len = strlen( *errstrp );
590 for ( p = *errstrp; len >= LDAP_REF_STR_LEN; ++p, --len ) {
591 if (( *p == 'R' || *p == 'r' ) && strncasecmp( p,
592 LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) {
594 p += LDAP_REF_STR_LEN;
599 if ( len < LDAP_REF_STR_LEN ) {
603 if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
604 Debug( LDAP_DEBUG_ANY,
605 "more than %d referral hops (dropping)\n",
606 ld->ld_refhoplimit, 0, 0 );
607 /* XXX report as error in ld->ld_errno? */
611 /* find original request */
612 for ( origreq = lr; origreq->lr_parent != NULL;
613 origreq = origreq->lr_parent ) {
620 /* parse out & follow referrals */
621 for ( ref = p; rc == 0 && ref != NULL; ref = p ) {
622 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
624 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
626 if (( p = strchr( ref, '\n' )) != NULL ) {
633 if ( len > LDAP_LDAP_REF_STR_LEN && strncasecmp( ref,
634 LDAP_LDAP_REF_STR, LDAP_LDAP_REF_STR_LEN ) == 0 ) {
635 Debug( LDAP_DEBUG_TRACE,
636 "chasing LDAP referral: <%s>\n", ref, 0, 0 );
637 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
639 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
640 tmpref = ref + LDAP_LDAP_REF_STR_LEN;
641 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
642 } else if ( len > LDAP_DX_REF_STR_LEN && strncasecmp( ref,
643 LDAP_DX_REF_STR, LDAP_DX_REF_STR_LEN ) == 0 ) {
644 Debug( LDAP_DEBUG_TRACE,
645 "chasing DX referral: <%s>\n", ref, 0, 0 );
646 tmpref = ref + LDAP_DX_REF_STR_LEN;
647 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
649 Debug( LDAP_DEBUG_TRACE,
650 "ignoring unknown referral <%s>\n", ref, 0, 0 );
651 rc = ldap_append_referral( ld, &unfollowed, ref );
656 /* NOTE! This code treats "ldap://host/" differently
657 * from "ldap://host". The behavior is wrong, but is
658 * left here intentionally to maintain compatibility
659 * with OpenLDAP 1.x and UMich 3.3 clients.
662 if (( refdn = strchr( tmpref, '/' )) != NULL ) {
669 if (( ber = re_encode_request( ld, origreq->lr_ber,
670 ++ld->ld_msgid, &refdn )) == NULL ) {
674 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
676 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
677 if (( srv = (LDAPURLDesc *)LDAP_CALLOC( 1,
678 sizeof( LDAPURLDesc ))) == NULL ) {
680 ld->ld_errno = LDAP_NO_MEMORY;
684 if (( srv->lud_host = LDAP_STRDUP( tmpref )) == NULL ) {
685 LDAP_FREE( (char *)srv );
687 ld->ld_errno = LDAP_NO_MEMORY;
691 if (( ports = strchr( srv->lud_host, ':' )) != NULL ) {
693 srv->lud_port = atoi( ports );
695 srv->lud_port = ldap_int_global_options.ldo_defport;
697 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
699 srv = dn2servers( ld, tmpref );
701 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
703 if ( srv != NULL && ldap_send_server_request( ld, ber, ld->ld_msgid,
704 lr, srv, NULL, 1 ) >= 0 ) {
707 Debug( LDAP_DEBUG_ANY,
708 "Unable to chase referral (%s)\n",
709 ldap_err2string( ld->ld_errno ), 0, 0 );
710 rc = ldap_append_referral( ld, &unfollowed, ref );
714 ldap_free_urllist(srv);
716 if ( !newdn && refdn != NULL ) {
721 LDAP_FREE( *errstrp );
722 *errstrp = unfollowed;
724 return(( rc == 0 ) ? count : rc );
729 ldap_append_referral( LDAP *ld, char **referralsp, char *s )
733 if ( *referralsp == NULL ) {
735 *referralsp = (char *)LDAP_MALLOC( strlen( s ) + LDAP_REF_STR_LEN
739 *referralsp = (char *)LDAP_REALLOC( *referralsp,
740 strlen( *referralsp ) + strlen( s ) + 2 );
743 if ( *referralsp == NULL ) {
744 ld->ld_errno = LDAP_NO_MEMORY;
749 strcpy( *referralsp, LDAP_REF_STR );
751 strcat( *referralsp, "\n" );
753 strcat( *referralsp, s );
761 re_encode_request( LDAP *ld, BerElement *origber, ber_int_t msgid, char **dnp )
764 * XXX this routine knows way too much about how the lber library works!
771 BerElement tmpber, *ber;
774 Debug( LDAP_DEBUG_TRACE,
775 "re_encode_request: new msgid %ld, new dn <%s>\n",
776 (long) msgid, ( *dnp == NULL ) ? "NONE" : *dnp, 0 );
781 * all LDAP requests are sequences that start with a message id,
782 * followed by a sequence that is tagged with the operation code
784 if ( ber_scanf( &tmpber, "{i", /*}*/ &along ) != LDAP_TAG_MSGID ||
785 ( tag = ber_skip_tag( &tmpber, &len )) == LBER_DEFAULT ) {
786 ld->ld_errno = LDAP_DECODING_ERROR;
790 if (( ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
794 /* bind requests have a version number before the DN & other stuff */
795 if ( tag == LDAP_REQ_BIND && ber_get_int( &tmpber, &ver ) ==
797 ld->ld_errno = LDAP_DECODING_ERROR;
802 /* the rest of the request is the DN followed by other stuff */
803 if ( ber_get_stringa( &tmpber, &orig_dn ) == LBER_DEFAULT ) {
808 if ( *dnp == NULL ) {
811 LDAP_FREE( orig_dn );
814 if ( tag == LDAP_REQ_BIND ) {
815 rc = ber_printf( ber, "{it{is" /*}}*/, msgid, tag, ver, *dnp );
817 rc = ber_printf( ber, "{it{s" /*}}*/, msgid, tag, *dnp );
825 if ( ber_write( ber, tmpber.ber_ptr, ( tmpber.ber_end -
826 tmpber.ber_ptr ), 0 ) != ( tmpber.ber_end - tmpber.ber_ptr ) ||
827 ber_printf( ber, /*{{*/ "}}" ) == -1 ) {
828 ld->ld_errno = LDAP_ENCODING_ERROR;
834 if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
835 Debug( LDAP_DEBUG_ANY, "re_encode_request new request is:\n",
837 ber_log_dump( LDAP_DEBUG_BER, ldap_debug, ber, 0 );
839 #endif /* LDAP_DEBUG */
846 ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid )
850 for ( lr = ld->ld_requests; lr != NULL; lr = lr->lr_next ) {
851 if ( msgid == lr->lr_msgid ) {
860 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_DNS
862 dn2servers( LDAP *ld, const char *dn ) /* dn can also be a domain.... */
864 char *p, *host, *server_dn, **dxs;
867 LDAPURLDesc *srvlist, *prevsrv, *srv;
869 if (( domain = strrchr( dn, '@' )) != NULL ) {
875 if (( dxs = ldap_getdxbyname( domain )) == NULL ) {
876 ld->ld_errno = LDAP_NO_MEMORY;
881 for ( i = 0; dxs[ i ] != NULL; ++i ) {
882 if (ldap_url_parselist(&srv, dxs[i]) == LDAP_SUCCESS
883 || ldap_url_parsehosts(&srv, dxs[i]) == LDAP_SUCCESS)
885 /* add to end of list of servers */
886 if ( srvlist == NULL ) {
889 prevsrv->lud_next = srv;
895 ldap_value_free( dxs );
897 if ( srvlist == NULL ) {
898 ld->ld_errno = LDAP_SERVER_DOWN;
903 #endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_DNS */
projects / openldap / blob