2 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6 * Copyright (c) 1990 Regents of the University of Michigan.
16 #include <ac/stdlib.h>
19 #include <ac/socket.h>
20 #include <ac/string.h>
25 static char *find_right_paren LDAP_P((
28 static char *put_complex_filter LDAP_P((
34 static int put_filter LDAP_P((
38 static int put_simple_filter LDAP_P((
42 static int put_substring_filter LDAP_P((
47 static int put_filter_list LDAP_P((
52 * ldap_search_ext - initiate an ldap search operation.
57 * base DN of the base object
58 * scope the search scope - one of LDAP_SCOPE_BASE,
59 * LDAP_SCOPE_ONELEVEL, LDAP_SCOPE_SUBTREE
60 * filter a string containing the search filter
61 * (e.g., "(|(cn=bob)(sn=bob))")
62 * attrs list of attribute types to return for matches
63 * attrsonly 1 => attributes only 0 => attributes and values
66 * char *attrs[] = { "mail", "title", 0 };
67 * ldap_search_ext( ld, "c=us@o=UM", LDAP_SCOPE_SUBTREE, "cn~=bob",
68 * attrs, attrsonly, sctrls, ctrls, timeout, sizelimit,
74 LDAP_CONST char *base,
76 LDAP_CONST char *filter,
81 struct timeval *timeout,
88 Debug( LDAP_DEBUG_TRACE, "ldap_search_ext\n", 0, 0, 0 );
91 * if timeout is provided, use only tv_sec as timelimit.
92 * otherwise, use default.
94 timelimit = (timeout != NULL)
95 ? timelimit = timeout->tv_sec
98 ber = ldap_build_search_req( ld, base, scope, filter, attrs,
99 attrsonly, sctrls, cctrls, timelimit, sizelimit );
106 if ( ld->ld_cache != NULL ) {
107 if ( ldap_check_cache( ld, LDAP_REQ_SEARCH, ber ) == 0 ) {
109 ld->ld_errno = LDAP_SUCCESS;
110 *msgidp = ld->ld_msgid;
113 ldap_add_request_to_cache( ld, LDAP_REQ_SEARCH, ber );
115 #endif /* LDAP_NOCACHE */
117 /* send the message */
118 *msgidp = ldap_send_initial_request( ld, LDAP_REQ_SEARCH, base, ber );
129 LDAP_CONST char *base,
131 LDAP_CONST char *filter,
134 LDAPControl **sctrls,
135 LDAPControl **cctrls,
136 struct timeval *timeout,
143 rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly,
144 sctrls, cctrls, timeout, sizelimit, &msgid );
146 if ( rc != LDAP_SUCCESS ) {
150 if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 )
151 return( ld->ld_errno );
153 return( ldap_result2error( ld, *res, 0 ) );
157 * ldap_search - initiate an ldap search operation.
162 * base DN of the base object
163 * scope the search scope - one of LDAP_SCOPE_BASE,
164 * LDAP_SCOPE_ONELEVEL, LDAP_SCOPE_SUBTREE
165 * filter a string containing the search filter
166 * (e.g., "(|(cn=bob)(sn=bob))")
167 * attrs list of attribute types to return for matches
168 * attrsonly 1 => attributes only 0 => attributes and values
171 * char *attrs[] = { "mail", "title", 0 };
172 * msgid = ldap_search( ld, "c=us@o=UM", LDAP_SCOPE_SUBTREE, "cn~=bob",
173 * attrs, attrsonly );
177 LDAP *ld, LDAP_CONST char *base, int scope, LDAP_CONST char *filter,
178 char **attrs, int attrsonly )
182 Debug( LDAP_DEBUG_TRACE, "ldap_search\n", 0, 0, 0 );
184 ber = ldap_build_search_req( ld, base, scope, filter, attrs,
185 attrsonly, NULL, NULL, -1, -1 );
192 if ( ld->ld_cache != NULL ) {
193 if ( ldap_check_cache( ld, LDAP_REQ_SEARCH, ber ) == 0 ) {
195 ld->ld_errno = LDAP_SUCCESS;
196 return( ld->ld_msgid );
198 ldap_add_request_to_cache( ld, LDAP_REQ_SEARCH, ber );
200 #endif /* LDAP_NOCACHE */
202 /* send the message */
203 return ( ldap_send_initial_request( ld, LDAP_REQ_SEARCH, base, ber ));
208 ldap_build_search_req(
210 LDAP_CONST char *base_in,
212 LDAP_CONST char *filter_in,
215 LDAPControl **sctrls,
216 LDAPControl **cctrls,
218 ber_int_t sizelimit )
226 * Create the search request. It looks like this:
227 * SearchRequest := [APPLICATION 3] SEQUENCE {
228 * baseObject DistinguishedName,
234 * derefAliases ENUMERATED {
235 * neverDerefaliases (0),
236 * derefInSearching (1),
237 * derefFindingBaseObj (2),
238 * alwaysDerefAliases (3)
240 * sizelimit INTEGER (0 .. 65535),
241 * timelimit INTEGER (0 .. 65535),
244 * attributes SEQUENCE OF AttributeType
246 * wrapped in an ldap message.
249 /* create a message to send */
250 if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
254 if ( base_in == NULL ) {
255 /* no base provided, use session default base */
256 base = ld->ld_options.ldo_defbase;
258 base = (char *) base_in;
261 if ( base == NULL ) {
262 /* no session default base, use top */
266 #ifdef LDAP_CONNECTIONLESS
267 if ( ld->ld_cldapnaddr > 0 ) {
268 err = ber_printf( ber, "{ist{seeiib", ++ld->ld_msgid,
269 ld->ld_cldapdn, LDAP_REQ_SEARCH, base, scope, ld->ld_deref,
270 (sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
271 (timelimit < 0) ? ld->ld_timelimit : timelimit,
274 #endif /* LDAP_CONNECTIONLESS */
275 err = ber_printf( ber, "{it{seeiib", ++ld->ld_msgid,
276 LDAP_REQ_SEARCH, base, (ber_int_t) scope, ld->ld_deref,
277 (sizelimit < 0) ? ld->ld_sizelimit : sizelimit,
278 (timelimit < 0) ? ld->ld_timelimit : timelimit,
280 #ifdef LDAP_CONNECTIONLESS
282 #endif /* LDAP_CONNECTIONLESS */
285 ld->ld_errno = LDAP_ENCODING_ERROR;
290 filter = LDAP_STRDUP( filter_in );
291 err = put_filter( ber, filter );
295 ld->ld_errno = LDAP_FILTER_ERROR;
300 if ( ber_printf( ber, /*{*/ "{v}}", attrs ) == -1 ) {
301 ld->ld_errno = LDAP_ENCODING_ERROR;
306 /* Put Server Controls */
307 if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
312 if ( ber_printf( ber, /*{*/ "}", attrs ) == -1 ) {
313 ld->ld_errno = LDAP_ENCODING_ERROR;
322 find_right_paren( char *s )
328 while ( *s && balance ) {
332 else if ( *s == ')' )
335 if ( *s == '\\' && ! escape )
343 return( *s ? s : NULL );
347 put_complex_filter( BerElement *ber, char *str, ber_tag_t tag, int not )
352 * We have (x(filter)...) with str sitting on
353 * the x. We have to find the paren matching
354 * the one before the x and put the intervening
355 * filters by calling put_filter_list().
358 /* put explicit tag */
359 if ( ber_printf( ber, "t{" /*}*/, tag ) == -1 )
363 if ( (next = find_right_paren( str )) == NULL )
367 if ( put_filter_list( ber, str ) == -1 )
371 /* flush explicit tagged thang */
372 if ( ber_printf( ber, /*{*/ "}" ) == -1 )
379 put_filter( BerElement *ber, char *str )
381 char *next, *tmp, *s, *d;
382 int parens, balance, escape, gotescape;
385 * A Filter looks like this:
386 * Filter ::= CHOICE {
387 * and [0] SET OF Filter,
388 * or [1] SET OF Filter,
390 * equalityMatch [3] AttributeValueAssertion,
391 * substrings [4] SubstringFilter,
392 * greaterOrEqual [5] AttributeValueAssertion,
393 * lessOrEqual [6] AttributeValueAssertion,
394 * present [7] AttributeType,
395 * approxMatch [8] AttributeValueAssertion,
396 * extensibleMatch [9] MatchingRuleAssertion -- LDAPv3
399 * SubstringFilter ::= SEQUENCE {
400 * type AttributeType,
401 * SEQUENCE OF CHOICE {
402 * initial [0] IA5String,
404 * final [2] IA5String
408 * MatchingRuleAssertion ::= SEQUENCE { -- LDAPv3
409 * matchingRule [1] MatchingRuleId OPTIONAL,
410 * type [2] AttributeDescription OPTIONAL,
411 * matchValue [3] AssertionValue,
412 * dnAttributes [4] BOOLEAN DEFAULT FALSE }
414 * Note: tags in a choice are always explicit
417 Debug( LDAP_DEBUG_TRACE, "put_filter \"%s\"\n", str, 0, 0 );
419 gotescape = parens = 0;
427 Debug( LDAP_DEBUG_TRACE, "put_filter: AND\n",
430 if ( (str = put_complex_filter( ber, str,
431 LDAP_FILTER_AND, 0 )) == NULL )
438 Debug( LDAP_DEBUG_TRACE, "put_filter: OR\n",
441 if ( (str = put_complex_filter( ber, str,
442 LDAP_FILTER_OR, 0 )) == NULL )
449 Debug( LDAP_DEBUG_TRACE, "put_filter: NOT\n",
452 if ( (str = put_complex_filter( ber, str,
453 LDAP_FILTER_NOT, 1 )) == NULL )
460 Debug( LDAP_DEBUG_TRACE, "put_filter: simple\n",
466 while ( *next && balance ) {
470 else if ( *next == ')' )
473 if ( *next == '\\' && ! escape )
474 gotescape = escape = 1;
484 tmp = LDAP_STRDUP( str );
487 for ( s = d = tmp; *s; s++ ) {
488 if ( *s != '\\' || escape ) {
497 if ( put_simple_filter( ber, tmp ) == -1 ) {
510 Debug( LDAP_DEBUG_TRACE, "put_filter: end\n", 0, 0,
512 if ( ber_printf( ber, /*[*/ "]" ) == -1 )
522 default: /* assume it's a simple type=value filter */
523 Debug( LDAP_DEBUG_TRACE, "put_filter: default\n", 0, 0,
525 next = strchr( str, '\0' );
526 tmp = LDAP_STRDUP( str );
527 if ( strchr( tmp, '\\' ) != NULL ) {
529 for ( s = d = tmp; *s; s++ ) {
530 if ( *s != '\\' || escape ) {
539 if ( put_simple_filter( ber, tmp ) == -1 ) {
549 return( parens ? -1 : 0 );
553 * Put a list of filters like this "(filter1)(filter2)..."
557 put_filter_list( BerElement *ber, char *str )
562 Debug( LDAP_DEBUG_TRACE, "put_filter_list \"%s\"\n", str, 0, 0 );
565 while ( *str && isspace( (unsigned char) *str ) )
570 if ( (next = find_right_paren( str + 1 )) == NULL )
574 /* now we have "(filter)" with str pointing to it */
576 if ( put_filter( ber, str ) == -1 )
592 char *value, savechar;
596 Debug( LDAP_DEBUG_TRACE, "put_simple_filter \"%s\"\n", str, 0, 0 );
598 if ( (s = strchr( str, '=' )) == NULL )
606 ftype = LDAP_FILTER_LE;
610 ftype = LDAP_FILTER_GE;
614 ftype = LDAP_FILTER_APPROX;
617 case ':': /* LDAPv3 extended filter */
618 ftype = LDAP_FILTER_EXTENDED;
622 if ( strchr( value, '*' ) == NULL ) {
623 ftype = LDAP_FILTER_EQUALITY;
624 } else if ( strcmp( value, "*" ) == 0 ) {
625 ftype = LDAP_FILTER_PRESENT;
627 rc = put_substring_filter( ber, str, value );
634 if ( ftype == LDAP_FILTER_PRESENT ) {
635 rc = ber_printf( ber, "ts", ftype, str );
637 rc = ber_printf( ber, "t{ss}", ftype, str, value );
642 return( rc == -1 ? rc : 0 );
646 put_substring_filter( BerElement *ber, char *type, char *val )
648 char *nextstar, gotstar = 0;
649 ber_tag_t ftype = LDAP_FILTER_SUBSTRINGS;
651 Debug( LDAP_DEBUG_TRACE, "put_substring_filter \"%s=%s\"\n", type,
654 if ( ber_printf( ber, "t{s{", ftype, type ) == -1 )
657 while ( val != NULL ) {
658 if ( (nextstar = strchr( val, '*' )) != NULL )
661 if ( gotstar == 0 ) {
662 ftype = LDAP_SUBSTRING_INITIAL;
663 } else if ( nextstar == NULL ) {
664 ftype = LDAP_SUBSTRING_FINAL;
666 ftype = LDAP_SUBSTRING_ANY;
668 if ( *val != '\0' ) {
669 if ( ber_printf( ber, "ts", ftype, val ) == -1 )
674 if ( nextstar != NULL )
679 if ( ber_printf( ber, /* {{ */ "}}" ) == -1 )
687 LDAP *ld, LDAP_CONST char *base, int scope,
688 LDAP_CONST char *filter, char **attrs,
689 int attrsonly, struct timeval *timeout, LDAPMessage **res )
693 if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly ))
695 return( ld->ld_errno );
697 if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 )
698 return( ld->ld_errno );
700 if ( ld->ld_errno == LDAP_TIMEOUT ) {
701 (void) ldap_abandon( ld, msgid );
702 ld->ld_errno = LDAP_TIMEOUT;
703 return( ld->ld_errno );
706 return( ldap_result2error( ld, *res, 0 ) );
712 LDAP_CONST char *base,
714 LDAP_CONST char *filter,
721 if ( (msgid = ldap_search( ld, base, scope, filter, attrs, attrsonly ))
723 return( ld->ld_errno );
725 if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, res ) == -1 )
726 return( ld->ld_errno );
728 return( ldap_result2error( ld, *res, 0 ) );