3 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
7 * Copyright (c) 1995 Regents of the University of Michigan.
11 * This notice applies to changes, created by or for Novell, Inc.,
12 * to preexisting works for which notices appear elsewhere in this file.
14 * Copyright (C) 1999, 2000 Novell, Inc. All Rights Reserved.
16 * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND TREATIES.
17 * USE, MODIFICATION, AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO VERSION
18 * 2.0.1 OF THE OPENLDAP PUBLIC LICENSE, A COPY OF WHICH IS AVAILABLE AT
19 * HTTP://WWW.OPENLDAP.ORG/LICENSE.HTML OR IN THE FILE "LICENSE" IN THE
20 * TOP-LEVEL DIRECTORY OF THE DISTRIBUTION. ANY USE OR EXPLOITATION OF THIS
21 * WORK OTHER THAN AS AUTHORIZED IN VERSION 2.0.1 OF THE OPENLDAP PUBLIC
22 * LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT THE
23 * PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY.
25 * Modification to OpenLDAP source by Novell, Inc.
26 * April 2000 sfs Added code to chase V3 referrals
27 * request.c - sending of ldap requests; handling of referrals
34 #include <ac/stdlib.h>
37 #include <ac/socket.h>
38 #include <ac/string.h>
40 #include <ac/unistd.h>
45 static LDAPConn *find_connection LDAP_P(( LDAP *ld, LDAPURLDesc *srv, int any ));
46 static void use_connection LDAP_P(( LDAP *ld, LDAPConn *lc ));
49 re_encode_request( LDAP *ld,
57 ldap_alloc_ber_with_options( LDAP *ld )
61 if (( ber = ber_alloc_t( ld->ld_lberoptions )) == NULL ) {
62 ld->ld_errno = LDAP_NO_MEMORY;
70 ldap_set_ber_options( LDAP *ld, BerElement *ber )
72 ber->ber_options = ld->ld_lberoptions;
77 ldap_send_initial_request(
87 LDAP_LOG ( OPERATION, ENTRY, "ldap_send_initial_request\n", 0, 0, 0 );
89 Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
92 if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, NULL ) == -1 ) {
93 /* not connected yet */
94 int rc = ldap_open_defconn( ld );
102 LDAP_LOG ( OPERATION, DETAIL1,
103 "ldap_send_initial_request: ldap_open_defconn: successful\n" ,
106 Debug( LDAP_DEBUG_TRACE,
107 "ldap_open_defconn: successful\n",
114 * use of DNS is turned off or this is an X.500 DN...
115 * use our default connection
120 #ifdef LDAP_CONNECTIONLESS
121 if (LDAP_IS_UDP(ld)) {
122 if (msgtype == LDAP_REQ_BIND) {
123 if (ld->ld_options.ldo_cldapdn)
124 ldap_memfree(ld->ld_options.ldo_cldapdn);
125 ld->ld_options.ldo_cldapdn = ldap_strdup(dn);
128 if (msgtype != LDAP_REQ_ABANDON && msgtype != LDAP_REQ_SEARCH)
129 return LDAP_PARAM_ERROR;
132 rc = ldap_send_server_request( ld, ber, ld->ld_msgid, NULL,
133 servers, NULL, NULL );
135 ldap_free_urllist(servers);
141 ldap_int_flush_request(
146 LDAPConn *lc = lr->lr_conn;
148 if ( ber_flush( lc->lconn_sb, lr->lr_ber, 0 ) != 0 ) {
149 if ( errno == EAGAIN ) {
150 /* need to continue write later */
151 lr->lr_status = LDAP_REQST_WRITING;
152 ldap_mark_select_write( ld, lc->lconn_sb );
153 ld->ld_errno = LDAP_BUSY;
156 ld->ld_errno = LDAP_SERVER_DOWN;
157 ldap_free_request( ld, lr );
158 ldap_free_connection( ld, lc, 0, 0 );
162 if ( lr->lr_parent == NULL ) {
163 lr->lr_ber->ber_end = lr->lr_ber->ber_ptr;
164 lr->lr_ber->ber_ptr = lr->lr_ber->ber_buf;
166 lr->lr_status = LDAP_REQST_INPROGRESS;
168 /* sent -- waiting for a response */
169 ldap_mark_select_read( ld, lc->lconn_sb );
175 ldap_send_server_request(
179 LDAPRequest *parentreq,
180 LDAPURLDesc *srvlist,
188 LDAP_LOG ( OPERATION, ENTRY, "ldap_send_server_request\n", 0, 0, 0 );
190 Debug( LDAP_DEBUG_TRACE, "ldap_send_server_request\n", 0, 0, 0 );
194 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
197 if ( srvlist == NULL ) {
200 if (( lc = find_connection( ld, srvlist, 1 )) ==
202 if ( (bind != NULL) && (parentreq != NULL) ) {
203 /* Remember the bind in the parent */
205 ++parentreq->lr_outrefcnt;
207 lc = ldap_new_connection( ld, srvlist, 0, 1, bind );
212 if ( lc == NULL || lc->lconn_status != LDAP_CONNST_CONNECTED ) {
214 if ( ld->ld_errno == LDAP_SUCCESS ) {
215 ld->ld_errno = LDAP_SERVER_DOWN;
218 /* Forget about the bind */
219 --parentreq->lr_outrefcnt;
224 use_connection( ld, lc );
226 /* If we still have an incomplete write, try to finish it before
227 * dealing with the new request. If we don't finish here, return
228 * LDAP_BUSY and let the caller retry later. We only allow a single
229 * request to be in WRITING state.
231 if ( ld->ld_requests &&
232 ld->ld_requests->lr_status == LDAP_REQST_WRITING &&
233 ldap_int_flush_request( ld, ld->ld_requests ) < 0 ) {
237 if (( lr = (LDAPRequest *)LDAP_CALLOC( 1, sizeof( LDAPRequest ))) ==
239 ld->ld_errno = LDAP_NO_MEMORY;
240 ldap_free_connection( ld, lc, 0, 0 );
243 /* Forget about the bind */
244 --parentreq->lr_outrefcnt;
248 lr->lr_msgid = msgid;
249 lr->lr_status = LDAP_REQST_INPROGRESS;
250 lr->lr_res_errno = LDAP_SUCCESS; /* optimistic */
253 if ( parentreq != NULL ) { /* sub-request */
255 /* Increment if we didn't do it before the bind */
256 ++parentreq->lr_outrefcnt;
258 lr->lr_origid = parentreq->lr_origid;
259 lr->lr_parentcnt = parentreq->lr_parentcnt + 1;
260 lr->lr_parent = parentreq;
261 lr->lr_refnext = parentreq->lr_child;
262 parentreq->lr_child = lr;
263 } else { /* original request */
264 lr->lr_origid = lr->lr_msgid;
267 if (( lr->lr_next = ld->ld_requests ) != NULL ) {
268 lr->lr_next->lr_prev = lr;
270 ld->ld_requests = lr;
273 if ( ldap_int_flush_request( ld, lr ) == -1 ) {
277 ld->ld_errno = LDAP_SUCCESS;
282 ldap_new_connection( LDAP *ld, LDAPURLDesc *srvlist, int use_ldsb,
283 int connect, LDAPreqinfo *bind )
290 LDAP_LOG ( OPERATION, ENTRY, "ldap_new_connection\n", 0, 0, 0 );
292 Debug( LDAP_DEBUG_TRACE, "ldap_new_connection\n", 0, 0, 0 );
295 * make a new LDAP server connection
296 * XXX open connection synchronously for now
298 if (( lc = (LDAPConn *)LDAP_CALLOC( 1, sizeof( LDAPConn ))) == NULL ||
299 ( !use_ldsb && ( (sb = ber_sockbuf_alloc()) == NULL ))) {
301 LDAP_FREE( (char *)lc );
303 ld->ld_errno = LDAP_NO_MEMORY;
307 lc->lconn_sb = ( use_ldsb ) ? ld->ld_sb : sb;
310 for ( srv = srvlist; srv != NULL; srv = srv->lud_next ) {
311 if ( ldap_int_open_connection( ld, lc, srv, 0 ) != -1 ) {
318 ber_sockbuf_free( lc->lconn_sb );
320 LDAP_FREE( (char *)lc );
321 ld->ld_errno = LDAP_SERVER_DOWN;
325 lc->lconn_server = ldap_url_dup(srv);
328 lc->lconn_status = LDAP_CONNST_CONNECTED;
329 lc->lconn_next = ld->ld_conns;
333 * XXX for now, we always do a synchronous bind. This will have
334 * to change in the long run...
338 LDAPConn *savedefconn;
340 /* Set flag to prevent additional referrals from being processed on this
341 * connection until the bind has completed
343 lc->lconn_rebind_inprogress = 1;
344 /* V3 rebind function */
345 if ( ld->ld_rebind_proc != NULL) {
346 LDAPURLDesc *srvfunc;
347 if( ( srvfunc = ldap_url_dup( srvlist)) == NULL) {
348 ld->ld_errno = LDAP_NO_MEMORY;
351 savedefconn = ld->ld_defconn;
352 ++lc->lconn_refcnt; /* avoid premature free */
356 LDAP_LOG ( OPERATION, DETAIL1,
357 "ldap_new_connection: Call application rebind_proc\n",
360 Debug( LDAP_DEBUG_TRACE, "Call application rebind_proc\n", 0, 0, 0);
362 err = (*ld->ld_rebind_proc)( ld,
363 bind->ri_url, bind->ri_request, bind->ri_msgid,
364 ld->ld_rebind_params );
366 ld->ld_defconn = savedefconn;
371 ldap_free_connection( ld, lc, 1, 0 );
374 ldap_free_urldesc( srvfunc);
377 savedefconn = ld->ld_defconn;
378 ++lc->lconn_refcnt; /* avoid premature free */
382 LDAP_LOG ( OPERATION, DETAIL1,
383 "ldap_new_connection: anonymous rebind via ldap_bind_s\n",
386 Debug( LDAP_DEBUG_TRACE, "anonymous rebind via ldap_bind_s\n", 0, 0, 0);
388 if ( ldap_bind_s( ld, "", "", LDAP_AUTH_SIMPLE ) != LDAP_SUCCESS ) {
391 ld->ld_defconn = savedefconn;
395 ldap_free_connection( ld, lc, 1, 0 );
400 lc->lconn_rebind_inprogress = 0;
408 find_connection( LDAP *ld, LDAPURLDesc *srv, int any )
410 * return an existing connection (if any) to the server srv
411 * if "any" is non-zero, check for any server in the "srv" chain
417 for ( lc = ld->ld_conns; lc != NULL; lc = lc->lconn_next ) {
418 for ( ls = srv; ls != NULL; ls = ls->lud_next ) {
419 if ( lc->lconn_server->lud_host != NULL &&
420 *lc->lconn_server->lud_host != '\0' &&
421 ls->lud_host != NULL && *ls->lud_host != '\0' &&
422 strcasecmp( ls->lud_host, lc->lconn_server->lud_host ) == 0
423 && ls->lud_port == lc->lconn_server->lud_port ) {
438 use_connection( LDAP *ld, LDAPConn *lc )
441 lc->lconn_lastused = time( NULL );
446 ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind )
448 LDAPConn *tmplc, *prevlc;
451 LDAP_LOG ( OPERATION, ENTRY, "ldap_free_connection\n", 0, 0, 0 );
453 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection\n", 0, 0, 0 );
456 if ( force || --lc->lconn_refcnt <= 0 ) {
457 if ( lc->lconn_status == LDAP_CONNST_CONNECTED ) {
458 ldap_mark_select_clear( ld, lc->lconn_sb );
460 ldap_send_unbind( ld, lc->lconn_sb, NULL, NULL );
464 if( lc->lconn_ber != NULL ) {
465 ber_free( lc->lconn_ber, 1 );
468 ldap_int_sasl_close( ld, lc );
471 for ( tmplc = ld->ld_conns; tmplc != NULL;
472 tmplc = tmplc->lconn_next ) {
474 if ( prevlc == NULL ) {
475 ld->ld_conns = tmplc->lconn_next;
477 prevlc->lconn_next = tmplc->lconn_next;
483 ldap_free_urllist( lc->lconn_server );
484 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
485 if ( lc->lconn_krbinstance != NULL ) {
486 LDAP_FREE( lc->lconn_krbinstance );
489 if ( lc->lconn_sb != ld->ld_sb ) {
490 ber_sockbuf_free( lc->lconn_sb );
492 if( lc->lconn_rebind_queue != NULL) {
494 for( i = 0; lc->lconn_rebind_queue[i] != NULL; i++) {
495 LDAP_VFREE(lc->lconn_rebind_queue[i]);
497 LDAP_FREE( lc->lconn_rebind_queue);
501 LDAP_LOG ( OPERATION, RESULTS,
502 "ldap_free_connection: actually freed\n", 0, 0, 0 );
504 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: actually freed\n",
508 lc->lconn_lastused = time( NULL );
510 LDAP_LOG ( OPERATION, RESULTS, "ldap_free_connection: refcnt %d\n",
511 lc->lconn_refcnt, 0, 0 );
513 Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: refcnt %d\n",
514 lc->lconn_refcnt, 0, 0 );
522 ldap_dump_connection( LDAP *ld, LDAPConn *lconns, int all )
527 fprintf( stderr, "** Connection%s:\n", all ? "s" : "" );
528 for ( lc = lconns; lc != NULL; lc = lc->lconn_next ) {
529 if ( lc->lconn_server != NULL ) {
530 fprintf( stderr, "* host: %s port: %d%s\n",
531 ( lc->lconn_server->lud_host == NULL ) ? "(null)"
532 : lc->lconn_server->lud_host,
533 lc->lconn_server->lud_port, ( lc->lconn_sb ==
534 ld->ld_sb ) ? " (default)" : "" );
536 fprintf( stderr, " refcnt: %d status: %s\n", lc->lconn_refcnt,
537 ( lc->lconn_status == LDAP_CONNST_NEEDSOCKET ) ?
538 "NeedSocket" : ( lc->lconn_status ==
539 LDAP_CONNST_CONNECTING ) ? "Connecting" : "Connected" );
540 fprintf( stderr, " last used: %s",
541 ldap_pvt_ctime( &lc->lconn_lastused, timebuf ));
542 if( lc->lconn_rebind_inprogress ) {
543 fprintf( stderr, " rebind in progress\n");
544 if( lc->lconn_rebind_queue != NULL) {
546 for( ;lc->lconn_rebind_queue[i] != NULL; i++) {
548 for( ;lc->lconn_rebind_queue[i][j] != 0; j++) {
549 fprintf( stderr, " queue %d entry %d - %s\n",
550 i, j, lc->lconn_rebind_queue[i][j]);
554 fprintf( stderr, " queue is empty\n");
557 fprintf(stderr, "\n");
566 ldap_dump_requests_and_responses( LDAP *ld )
571 fprintf( stderr, "** Outstanding Requests:\n" );
572 if (( lr = ld->ld_requests ) == NULL ) {
573 fprintf( stderr, " Empty\n" );
575 for ( ; lr != NULL; lr = lr->lr_next ) {
576 fprintf( stderr, " * msgid %d, origid %d, status %s\n",
577 lr->lr_msgid, lr->lr_origid,
578 ( lr->lr_status == LDAP_REQST_INPROGRESS ) ? "InProgress" :
579 ( lr->lr_status == LDAP_REQST_CHASINGREFS ) ? "ChasingRefs" :
580 ( lr->lr_status == LDAP_REQST_NOTCONNECTED ) ? "NotConnected" :
581 ( lr->lr_status == LDAP_REQST_WRITING) ? "Writing" :
582 ( lr->lr_status == LDAP_REQST_COMPLETED ? "Request Completed" : "Invalid Status"));
583 fprintf( stderr, " outstanding referrals %d, parent count %d\n",
584 lr->lr_outrefcnt, lr->lr_parentcnt );
587 fprintf( stderr, "** Response Queue:\n" );
588 if (( lm = ld->ld_responses ) == NULL ) {
589 fprintf( stderr, " Empty\n" );
591 for ( ; lm != NULL; lm = lm->lm_next ) {
592 fprintf( stderr, " * msgid %d, type %lu\n",
593 lm->lm_msgid, (unsigned long) lm->lm_msgtype );
594 if (( l = lm->lm_chain ) != NULL ) {
595 fprintf( stderr, " chained responses:\n" );
596 for ( ; l != NULL; l = l->lm_chain ) {
598 " * msgid %d, type %lu\n",
600 (unsigned long) l->lm_msgtype );
605 #endif /* LDAP_DEBUG */
608 ldap_free_request_int( LDAP *ld, LDAPRequest *lr )
610 if ( lr->lr_prev == NULL ) {
611 ld->ld_requests = lr->lr_next;
613 lr->lr_prev->lr_next = lr->lr_next;
616 if ( lr->lr_next != NULL ) {
617 lr->lr_next->lr_prev = lr->lr_prev;
620 if ( lr->lr_ber != NULL ) {
621 ber_free( lr->lr_ber, 1 );
624 if ( lr->lr_res_error != NULL ) {
625 LDAP_FREE( lr->lr_res_error );
628 if ( lr->lr_res_matched != NULL ) {
629 LDAP_FREE( lr->lr_res_matched );
636 ldap_free_request( LDAP *ld, LDAPRequest *lr )
638 LDAPRequest **ttmplr;
641 LDAP_LOG ( OPERATION, ARGS, "ldap_free_request (origid %d, msgid %d)\n",
642 lr->lr_origid, lr->lr_msgid, 0 );
644 Debug( LDAP_DEBUG_TRACE, "ldap_free_request (origid %d, msgid %d)\n",
645 lr->lr_origid, lr->lr_msgid, 0 );
648 if ( lr->lr_parent != NULL ) {
649 --lr->lr_parent->lr_outrefcnt;
650 for ( ttmplr = &lr->lr_parent->lr_child; *ttmplr && *ttmplr != lr; ttmplr = &(*ttmplr)->lr_refnext );
652 *ttmplr = lr->lr_refnext;
654 /* free all referrals (child requests) */
655 while ( lr->lr_child )
656 ldap_free_request( ld, lr->lr_child );
658 ldap_free_request_int( ld, lr );
666 * (IN) ld = LDAP connection handle
667 * (IN) lr = LDAP Request structure
668 * (IN) refs = array of pointers to referral strings that we will chase
669 * The array will be free'd by this function when no longer needed
670 * (IN) sref != 0 if following search reference
671 * (OUT) errstrp = Place to return a string of referrals which could not be followed
672 * (OUT) hadrefp = 1 if sucessfully followed referral
674 * Return value - number of referrals followed
677 ldap_chase_v3referrals( LDAP *ld, LDAPRequest *lr, char **refs, int sref, char **errstrp, int *hadrefp )
680 int unfollowedcnt = 0;
681 LDAPRequest *origreq;
682 LDAPURLDesc *srv = NULL;
684 char **refarray = NULL;
689 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
693 LDAP_LOG ( OPERATION, ENTRY, "ldap_chase_v3referrals\n", 0, 0, 0 );
695 Debug( LDAP_DEBUG_TRACE, "ldap_chase_v3referrals\n", 0, 0, 0 );
701 /* If no referrals in array, return */
702 if ( (refs == NULL) || ( (refs)[0] == NULL) ) {
707 /* Check for hop limit exceeded */
708 if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
710 LDAP_LOG ( OPERATION, DETAIL1,
711 "ldap_chase_v3referrals: more than %d referral hops (dropping)\n",
712 ld->ld_refhoplimit, 0, 0 );
714 Debug( LDAP_DEBUG_ANY,
715 "more than %d referral hops (dropping)\n", ld->ld_refhoplimit, 0, 0 );
717 ld->ld_errno = LDAP_REFERRAL_LIMIT_EXCEEDED;
722 /* find original request */
724 origreq->lr_parent != NULL;
725 origreq = origreq->lr_parent )
732 /* parse out & follow referrals */
733 for( i=0; refarray[i] != NULL; i++) {
734 /* Parse the referral URL */
735 if (( rc = ldap_url_parse_ext( refarray[i], &srv)) != LDAP_SUCCESS) {
741 if( srv->lud_crit_exts ) {
742 /* we do not support any extensions */
743 ld->ld_errno = LDAP_NOT_SUPPORTED;
748 /* treat ldap://hostpart and ldap://hostpart/ the same */
749 if ( srv->lud_dn && srv->lud_dn[0] == '\0' ) {
750 LDAP_FREE( srv->lud_dn );
754 /* check connection for re-bind in progress */
755 if (( lc = find_connection( ld, srv, 1 )) != NULL ) {
756 if( lc->lconn_rebind_inprogress) {
757 /* We are already chasing a referral or search reference and a
758 * bind on that connection is in progress. We must queue
759 * referrals on that connection, so we don't get a request
760 * going out before the bind operation completes. This happens
761 * if two search references come in one behind the other
762 * for the same server with different contexts.
765 LDAP_LOG ( OPERATION, DETAIL1,
766 "ldap_chase_v3referrals: queue referral \"%s\"\n",
769 Debug( LDAP_DEBUG_TRACE,
770 "ldap_chase_v3referrals: queue referral \"%s\"\n",
773 if( lc->lconn_rebind_queue == NULL ) {
774 /* Create a referral list */
775 lc->lconn_rebind_queue =
776 (char ***) LDAP_MALLOC( sizeof(void *) * 2);
778 if( lc->lconn_rebind_queue == NULL) {
779 ld->ld_errno = LDAP_NO_MEMORY;
784 lc->lconn_rebind_queue[0] = refarray;
785 lc->lconn_rebind_queue[1] = NULL;
789 /* Count how many referral arrays we already have */
790 for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) {
794 /* Add the new referral to the list */
795 lc->lconn_rebind_queue = (char ***) LDAP_REALLOC(
796 lc->lconn_rebind_queue, sizeof(void *) * (j + 2));
798 if( lc->lconn_rebind_queue == NULL ) {
799 ld->ld_errno = LDAP_NO_MEMORY;
803 lc->lconn_rebind_queue[j] = refarray;
804 lc->lconn_rebind_queue[j+1] = NULL;
808 /* We have queued the referral/reference, now just return */
811 count = 1; /* Pretend we already followed referral */
815 /* Re-encode the request with the new starting point of the search.
816 * Note: In the future we also need to replace the filter if one
817 * was provided with the search reference
820 /* For references we don't want old dn if new dn empty */
821 if ( sref && srv->lud_dn == NULL ) {
822 srv->lud_dn = LDAP_STRDUP( "" );
825 ber = re_encode_request( ld, origreq->lr_ber, ++ld->ld_msgid,
826 sref, srv, &rinfo.ri_request );
829 ld->ld_errno = LDAP_ENCODING_ERROR;
835 LDAP_LOG ( OPERATION, DETAIL1,
836 "ldap_chase_v3referrals: msgid %d, url \"%s\"\n",
837 lr->lr_msgid, refarray[i], 0 );
839 Debug( LDAP_DEBUG_TRACE,
840 "ldap_chase_v3referral: msgid %d, url \"%s\"\n",
841 lr->lr_msgid, refarray[i], 0);
844 /* Send the new request to the server - may require a bind */
845 rinfo.ri_msgid = origreq->lr_origid;
846 rinfo.ri_url = refarray[i];
847 if ( (rc = ldap_send_server_request( ld, ber, ld->ld_msgid,
848 origreq, srv, NULL, &rinfo )) < 0 ) {
849 /* Failure, try next referral in the list */
851 LDAP_LOG ( OPERATION, ERR,
852 "ldap_chase_v3referrals: Unable to chase referral \"%s\" (%s)\n",
853 refarray[i], ldap_err2string( ld->ld_errno ), 0 );
855 Debug( LDAP_DEBUG_ANY, "Unable to chase referral \"%s\" (%s)\n",
856 refarray[i], ldap_err2string( ld->ld_errno ), 0);
858 unfollowedcnt += ldap_append_referral( ld, &unfollowed, refarray[i]);
859 ldap_free_urllist(srv);
862 /* Success, no need to try this referral list further */
867 /* check if there is a queue of referrals that came in during bind */
869 if (( lc = find_connection( ld, srv, 1 )) == NULL ) {
870 ld->ld_errno = LDAP_OPERATIONS_ERROR;
876 if( lc->lconn_rebind_queue != NULL) {
877 /* Release resources of previous list */
878 LDAP_VFREE(refarray);
880 ldap_free_urllist(srv);
883 /* Pull entries off end of queue so list always null terminated */
884 for( j = 0; lc->lconn_rebind_queue[j] != NULL; j++) {
887 refarray = lc->lconn_rebind_queue[j-1];
888 lc->lconn_rebind_queue[j-1] = NULL;
889 /* we pulled off last entry from queue, free queue */
891 LDAP_FREE( lc->lconn_rebind_queue);
892 lc->lconn_rebind_queue = NULL;
894 /* restart the loop the with new referral list */
898 break; /* referral followed, break out of for loop */
902 LDAP_VFREE(refarray);
903 ldap_free_urllist(srv);
904 LDAP_FREE( *errstrp );
908 LDAP_FREE( unfollowed );
911 ld->ld_errno = LDAP_REFERRAL;
912 *errstrp = unfollowed;
918 * XXX merging of errors in this routine needs to be improved
921 ldap_chase_referrals( LDAP *ld,
929 char *p, *ref, *unfollowed;
930 LDAPRequest *origreq;
936 LDAP_LOG ( OPERATION, ENTRY, "ldap_chase_referrals\n", 0, 0, 0 );
938 Debug( LDAP_DEBUG_TRACE, "ldap_chase_referrals\n", 0, 0, 0 );
941 ld->ld_errno = LDAP_SUCCESS; /* optimistic */
944 if ( *errstrp == NULL ) {
948 len = strlen( *errstrp );
949 for ( p = *errstrp; len >= LDAP_REF_STR_LEN; ++p, --len ) {
950 if ( strncasecmp( p, LDAP_REF_STR, LDAP_REF_STR_LEN ) == 0 ) {
952 p += LDAP_REF_STR_LEN;
957 if ( len < LDAP_REF_STR_LEN ) {
961 if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
963 LDAP_LOG ( OPERATION, ENTRY,
964 "ldap_chase_referrals: more than %d referral hops (dropping)\n",
965 ld->ld_refhoplimit, 0, 0 );
967 Debug( LDAP_DEBUG_ANY,
968 "more than %d referral hops (dropping)\n",
969 ld->ld_refhoplimit, 0, 0 );
971 /* XXX report as error in ld->ld_errno? */
975 /* find original request */
976 for ( origreq = lr; origreq->lr_parent != NULL;
977 origreq = origreq->lr_parent ) {
984 /* parse out & follow referrals */
985 for ( ref = p; rc == 0 && ref != NULL; ref = p ) {
986 if (( p = strchr( ref, '\n' )) != NULL ) {
992 rc = ldap_url_parse_ext( ref, &srv );
994 if ( rc != LDAP_URL_SUCCESS ) {
996 LDAP_LOG ( OPERATION, DETAIL1,
997 "ldap_chase_referrals: ignoring unknown referral <%s>\n",
1000 Debug( LDAP_DEBUG_TRACE,
1001 "ignoring unknown referral <%s>\n", ref, 0, 0 );
1003 rc = ldap_append_referral( ld, &unfollowed, ref );
1008 if( srv->lud_dn != NULL && srv->lud_dn == '\0' ) {
1009 LDAP_FREE( srv->lud_dn );
1014 LDAP_LOG ( OPERATION, DETAIL1,
1015 "ldap_chase_referrals: chasing LDAP referral <%s>\n", ref, 0, 0 );
1017 Debug( LDAP_DEBUG_TRACE,
1018 "chasing LDAP referral: <%s>\n", ref, 0, 0 );
1023 ber = re_encode_request( ld, origreq->lr_ber,
1024 ++ld->ld_msgid, sref, srv, &rinfo.ri_request );
1030 /* copy the complete referral for rebind process */
1031 rinfo.ri_url = LDAP_STRDUP( ref );
1033 rinfo.ri_msgid = origreq->lr_origid;
1035 rc = ldap_send_server_request( ld, ber, ld->ld_msgid,
1036 lr, srv, NULL, &rinfo );
1038 LDAP_FREE( rinfo.ri_url );
1044 LDAP_LOG ( OPERATION, ERR,
1045 "ldap_chase_referrals: Unable to chase referral <%s>\n",
1046 ldap_err2string( ld->ld_errno), 0, 0 );
1048 Debug( LDAP_DEBUG_ANY,
1049 "Unable to chase referral (%s)\n",
1050 ldap_err2string( ld->ld_errno ), 0, 0 );
1052 rc = ldap_append_referral( ld, &unfollowed, ref );
1055 ldap_free_urllist(srv);
1058 LDAP_FREE( *errstrp );
1059 *errstrp = unfollowed;
1061 return(( rc == 0 ) ? count : rc );
1066 ldap_append_referral( LDAP *ld, char **referralsp, char *s )
1070 if ( *referralsp == NULL ) {
1072 *referralsp = (char *)LDAP_MALLOC( strlen( s ) + LDAP_REF_STR_LEN
1076 *referralsp = (char *)LDAP_REALLOC( *referralsp,
1077 strlen( *referralsp ) + strlen( s ) + 2 );
1080 if ( *referralsp == NULL ) {
1081 ld->ld_errno = LDAP_NO_MEMORY;
1086 strcpy( *referralsp, LDAP_REF_STR );
1088 strcat( *referralsp, "\n" );
1090 strcat( *referralsp, s );
1098 re_encode_request( LDAP *ld,
1099 BerElement *origber,
1106 * XXX this routine knows way too much about how the lber library works!
1114 BerElement tmpber, *ber;
1119 LDAP_LOG ( OPERATION, ARGS,
1120 "re_encode_request: new msgid %ld, new dn <%s>\n",
1122 ( srv == NULL || srv->lud_dn == NULL ) ? "NONE" : srv->lud_dn, 0 );
1124 Debug( LDAP_DEBUG_TRACE,
1125 "re_encode_request: new msgid %ld, new dn <%s>\n",
1127 ( srv == NULL || srv->lud_dn == NULL) ? "NONE" : srv->lud_dn, 0 );
1133 * all LDAP requests are sequences that start with a message id.
1134 * For all except delete, this is followed by a sequence that is
1135 * tagged with the operation code. For delete, the provided DN
1136 * is not wrapped by a sequence.
1138 rtag = ber_scanf( &tmpber, "{it", /*}*/ &along, &tag );
1140 if ( rtag == LBER_ERROR ) {
1141 ld->ld_errno = LDAP_DECODING_ERROR;
1146 if ( tag == LDAP_REQ_BIND ) {
1147 /* bind requests have a version number before the DN & other stuff */
1148 rtag = ber_scanf( &tmpber, "{ia" /*}*/, &ver, &orig_dn );
1150 } else if ( tag == LDAP_REQ_DELETE ) {
1151 /* delete requests don't have a DN wrapping sequence */
1152 rtag = ber_scanf( &tmpber, "a", &orig_dn );
1154 } else if ( tag == LDAP_REQ_SEARCH ) {
1155 /* search requests need to be re-scope-ed */
1156 rtag = ber_scanf( &tmpber, "{ae" /*"}"*/, &orig_dn, &scope );
1158 if( srv->lud_scope != LDAP_SCOPE_DEFAULT ) {
1159 /* use the scope provided in reference */
1160 scope = srv->lud_scope;
1162 } else if ( sref && scope != LDAP_SCOPE_SUBTREE ) {
1163 /* use scope implied by previous operation */
1166 /* subtree -> subtree */
1167 scope = LDAP_SCOPE_BASE;
1171 rtag = ber_scanf( &tmpber, "{a" /*}*/, &orig_dn );
1174 if( rtag == LBER_ERROR ) {
1175 ld->ld_errno = LDAP_DECODING_ERROR;
1179 if (( ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
1183 if ( srv->lud_dn == NULL ) {
1189 if ( tag == LDAP_REQ_BIND ) {
1190 rc = ber_printf( ber, "{it{is" /*}}*/, msgid, tag, ver, dn );
1191 } else if ( tag == LDAP_REQ_DELETE ) {
1192 rc = ber_printf( ber, "{itsN}", msgid, tag, dn );
1193 } else if ( tag == LDAP_REQ_SEARCH ) {
1194 rc = ber_printf( ber, "{it{se" /*}}*/, msgid, tag, dn, scope );
1196 rc = ber_printf( ber, "{it{s" /*}}*/, msgid, tag, dn );
1199 LDAP_FREE( orig_dn );
1202 ld->ld_errno = LDAP_ENCODING_ERROR;
1207 if ( tag != LDAP_REQ_DELETE && (
1208 ber_write(ber, tmpber.ber_ptr, ( tmpber.ber_end - tmpber.ber_ptr ), 0)
1209 != ( tmpber.ber_end - tmpber.ber_ptr ) ||
1210 ber_printf( ber, /*{{*/ "N}N}" ) == -1 ) )
1212 ld->ld_errno = LDAP_ENCODING_ERROR;
1218 if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
1220 LDAP_LOG ( OPERATION, DETAIL1,
1221 "re_encode_request: new request is:\n", 0, 0, 0 );
1223 Debug( LDAP_DEBUG_ANY, "re_encode_request new request is:\n",
1226 ber_log_dump( LDAP_DEBUG_BER, ldap_debug, ber, 0 );
1228 #endif /* LDAP_DEBUG */
1230 *type = tag; /* return request type */
1236 ldap_find_request_by_msgid( LDAP *ld, ber_int_t msgid )
1240 for ( lr = ld->ld_requests; lr != NULL; lr = lr->lr_next ) {
1241 if( lr->lr_status == LDAP_REQST_COMPLETED ) {
1242 continue; /* Skip completed requests */
1244 if ( msgid == lr->lr_msgid ) {
projects / openldap / blob